Insurance | | Page 5

OCR Plans To Survey Health Plans, Other Covered Entities Hit With HIPAA Audits in 2012

March 10, 2013

The Department of Health & Human Services (HHS) Office of Civil Rights (OCR) wants to ask the 115 health plans, health care clearinghouses, and health care providers (covered entities) that OCR audited in 2012 for compliance with Privacy and Security Rules of the Health Insurance Portability & Accountability Act (HIPAA) under its HIPAA Audit Program to share feedback about their experience. The planned survey announcement follows OCR’s recent released of restated HIPAA Privacy & Security Rules scheduled to take effect in September, 2013 and as OCR continues and expanding its HIPAA Audit Program in 2013. All together, the signs are clear that covered entities should update and strengthen their HIPAA compliance and risk management practices to withstand the tightened rules and enforcement.

OCR initiated the HIPAA Audit Program in 2012 to comply with Section 13411 of the Health Information Technology for Economic and Clinical Health Act’s requirement that it audit covered entity and business associate compliance with the HIPAA privacy, security, and breach notification rules. While it continues its HIPAA Audit Program in 2013, OCR also is evaluating the effectiveness of the HIPAA Audit Program audits in 2012.

To this end, OCR currently is conducting a review of the HIPAA Audit program to determine its efficacy in assessing the HIPAA compliance efforts of covered entities. As part of that review, OCR plans to ask covered entities audited under the HIPAA Audit Program in 2012 to complete an online survey about their experience. In anticipation of its conduct of the proposed surveys, OCR is inviting public comment on the burden to Covered Entities to complete the planned online survey, which OCR estimates will take two hours to complete through May 20, 2013. According to OCR, the survey will gather information on the effect of the audits on the audited entities and the entities’ opinions about the audit process. The online survey will be used to:

Measure the effect of the HIPAA Audit program on covered entities;
Gauge their attitudes towards the audit overall and in regards to major audit program features, such as the document request, communications received, the on-site visit, the audit report findings and recommendations;
Obtain estimates of costs incurred by covered entities, in time and money, spent responding to audit-related requests;
Seek feedback on the effect of the HIPAA Audit program on the day-to-day business operations; and
Assess whether improvements in HIPAA compliance were achieved as a result of the Audit program.

OCR says it will use the information, opinions, and comments collected using the online survey to produce recommendations for improving the HIPAA Audit program.

For instructions to comment or more details, see here.

For More Information Or Assistance

If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 25 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to ask about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information about this communication click here.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources including:

THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS. ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN. ©2013 Cynthia Marcotte Stamer, P.C. Non-exclusive license to republish granted to Solutions Law Press. All other rights reserved.

Measure the effect of the HIPAA Audit program on covered entities;
Gauge their attitudes towards the audit overall and in regards to major audit program features, such as the document request, communications received, the on-site visit, the auditreport findings and recommendations;
Obtain estimates of costs incurred by covered entities, in time and money, spent responding to audit-related requests;
Seek feedback on the effect of the HIPAA Audit program on the day-to-day business operations; and
Assess whether improvements in HIPAA compliance were achieved as a result of the Audit program.

OCR says it will use the information, opinions, and comments collected using the online survey to produce recommendations for improving the HIPAA Audit program.

For instructions to comment or more details, see here.

For Help or More Information

If you need help reviewing and updating, administering or defending your group health insurance, employee benefit, human resources, insurance, health care matters or related documents or practices to respond to emerging health plan regulations, monitoring or commenting on these rules, defending your health plan or its administration, or other health or employee benefit, human resources or risk management concerns, please contact the author of this update, Cynthia Marcotte Stamer.

A Fellow in the American College of Employee Benefit Council, immediate past Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Group and current Co-Chair of its Welfare Benefit Committee, Vice-Chair of the ABA TIPS Employee Benefits Committee, a council member of the ABA Joint Committee on Employee Benefits, and past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Ms. Stamer is recognized, internationally, nationally and locally for her more than 24 years of work, advocacy, education and publications on cutting edge health and managed care, employee benefit, human resources and related workforce, insurance and financial services, and health care matters.

A board certified labor and employment attorney widely known for her extensive and creative knowledge and experienced with these and other employment, employee benefit and compensation matters, Ms. Stamer continuously advises and assists employers, employee benefit plans, their sponsoring employers, fiduciaries, insurers, administrators, service providers, insurers and others to monitor and respond to evolving legal and operational requirements and to design, administer, document and defend medical and other welfare benefit, qualified and non-qualified deferred compensation and retirement, severance and other employee benefit, compensation, and human resources, management and other programs and practices tailored to the client’s human resources, employee benefits or other management goals. A primary drafter of the Bolivian Social Security pension privatization law, Ms. Stamer also works extensively with management, service provider and other clients to monitor legislative and regulatory developments and to deal with Congressional and state legislators, regulators, and enforcement officials on regulatory, investigatory or enforcement concerns.

Recognized in Who’s Who In American Professionals and both an American Bar Association (ABA) and a State Bar of Texas Fellow, Ms. Stamer serves on the Editorial Advisory Board of Employee Benefits News, the editor and publisher of Solutions Law Press HR & Benefits Update and other Solutions Law Press Publications, and active in a multitude of other employee benefits, human resources and other professional and civic organizations. She also is a widely published author and highly regarded speaker on these matters. Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, Modern and many other national and local publications. You can learn more about Ms. Stamer and her experience, review some of her other training, speaking, publications and other resources, and register to receive future updates about developments on these and other concerns from Ms. Stamer here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested in exploring other Solutions Law Press, Inc. ™ tools, products, training and other resources here.

Other Helpful Resources & Other Information

If you found these updates of interest, you also be interested in one or more of the following other recent articles published in this electronic Solutions Law publications available for review here including:

For important information about this communication click here. THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS. ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

1 Comment | Employee Benefits, Employers, Employment Tax, Health Plans, HIPAA, Human Resources, Immigration, Insurance, Internal Controls, Payroll Tax | Tagged: ACA, Affordable Care Act, Employer, Health Care Reform, Health Plans, Insurance, Patient Protection & Affordable Care Act, Pay or Play, Shared Responsibility | Permalink
Posted by Cynthia Marcotte Stamer

Businesses Urged To Strengthen Their Worker Classification Defenses As IRS, Other Agencies Step Up Audits & Enforcement

March 10, 2013

Businesses using non-employee workers should heed the recently announced expansion of the Internal Revenue Service (IRS) Voluntary Classification VCS Program (VCS Program) as yet another warning to clean up their worker classification practices and defenses for all workers performing services for the business in any non-employee capacity.

Relying upon misclassifications of workers as nonemployed service providers presents many financial, legal and operational risks for businesses. When businesses treat workers as nonemployees who render services in such a way that makes the worker likely to qualify as a common law employee, the business runs the risk of overlooking or underestimating the costs and liabilities of employing those workers. The enforcement records of the U.S. Department of Labor Wage & Hour Division contains a lengthy and ever-lengthening record of businesses subjected to expensive backpay and penalty awards because the business failed to pay minimum wage or overtime to workers determined to qualify as common law employees entitled to minimum wage and overtime under the Fair Labor Standards Act. See, e.g., Employers Should Tighten Worker Classification Practices As Obama Administration Moves To Stamp Out Misclassification Abuses; $1 Million + FLSA Overtime Settlement Shows Employers Should Tighten On-Call, Other Wage & Hour Practices; Employer Charged With Misclassifying & Underpaying Workers To Pay $754,578 FLSA Back Pay Settlement.

Originally announced on September 22, 2011 in Announcement 2011-64, the VCS Program as modified by Announcement 2012-45 continues to offer businesses a carrot to reclassify as employees workers misclassified for payroll tax purposes as independent contractors, leased employees or other non-employee workers backed by the enforcement stick of the IRS’ promise to zealously impose penalties and interest against employers caught wrongfully misclassifying workers. While the IRS’s VCS Program and stepped up audits of worker classification provide a strong incentive for business to address their worker classification risks, the IRS is only one of many agencies on the alert for worker misclassification exposures. Worker misclassification also impacts wage and hour, safety, immigration, worker’s compensation, employee benefits, negligence and a host of other obligations.

All of these exposures carry potentially costly compensation, interest, and civil and in some cases even criminal penalty exposures for the businesses and their leaders. Consequently, businesses should act prudently and promptly to identify and address all of these risks and move forward holistically to manage their misclassification exposures.

Agencies charged with enforcement of these other laws as well as private plaintiffs also are on the alert for and pursing businesses for aggressive misclassification of workers in these other exposure areas. Since most businesses uniformly classify workers as either employees or non-employees for most purposes, business leaders must understand and manage the full scope of their businesses’ misclassification exposures when charting and implementing their strategy in response to the VCS Program or another voluntary compliance program, responding to an audit or other agency action, addressing a private plaintiff suit or conducting other risk management and compliance activities impacting or affected by worker classification concerns.

VCS Program Offers Limited Worker Misclassification Exposure Relief

Worker misclassification impacts a broad range of tax and non-tax legal obligations and risks well beyond income tax withholding, payroll and other employment tax liability and reporting and disclosure. A worker classification challenge or necessity determination in one area inherently prompts the need to address the worker reclassification and attendant risks in other areas.

Typically, in addition to treating a worker as a non-employee for tax purposes, a business also will treat the worker as a non-employee for immigration law eligibility to work, wage and hour, employment discrimination, employee benefits, fringe benefits, worker’s compensation, workplace safety, tort liability and insurance and other purposes.

Health Care Reform To Increase Worker Classification Risks

Businesses can look forward to these risks rising in 2014, when the “pay or play” employer shared responsibility, health plan non-discrimination, default enrollment and other new rules take effect under the Patient Protection & Affordable Care Act (ACA). Given these new ACA requirements and the government’s need to get as many workers covered as employees to make them work, as well as existing laws, IRS and other agencies are expanding staffing and stepping up enforcement against businesses that misclassify workers.

Whether and how ACA’s “pay-or-play” employer shared responsibility payment, default enrollment, insured health plan non-discrimination and other federal health plan rules apply to a business’ health plan requires a correct understanding of what workers considered employed by the business and how these workers are counted and classified for purposes of ACA and other federal health plan mandates.

ACA and other federal health plan rules decide what rules apply to which businesses or health plans based on the number of employees a business is considered to employ, their hours worked, their seasonal or other status, and other relevant classification as determined by the applicable rule. The ACA and other rules vary in the relevant number of employees that trigger applicability of the rule and how businesses must count workers to decide when a particular rule applies. Consequently, trying to predict the employer shared responsibility payment, if any under Internal Revenue Code (Code) Section 4980H or model the burden or cost of any other federal health benefit mandates requires each business know who counts and how to classify workers for each of these rules. Most of these rules start with a “common law” definition of employee then apply rules to add or ignore various workers. Because most federal health plan rules also take into account “commonly controlled” and “affiliated” businesses’ employees when determining rule coverage, businesses also may need to know that information for other related or commonly owned businesses.

For instance, when a business along with all commonly controlled or affiliated employers, if any, employ a combined workforce of 50 or more “full-time” and “full-time equivalent employees” (Large Employer) does not offer “affordable,” “minimum essential coverage” to every full-time employee and his dependents under a legally compliant health plan that provides “minimum essential value” within the meaning of ACA after 2013, the business generally should expect to pay a shared responsibility payment under Code Section 4980H for each month after 2013 that any “full-time” employee receives a tax subsidy or credit for enrolling in one of ACA’s health care exchanges. The amount of this required shared responsibility payment will be calculated under Code Section 4980H based on the plan design and coverage the employer health plan offers and the required employee contribution for employee only coverage.

If the business intends to continue to offer health coverage, it similarly will need to accurately understand which workers count as its employees for purposes of determining who gets coverage and the consequences to the business for those workers that qualify as full-time, common law employees not offered coverage.

In either case, ACA uses the common law employee test as the basis for classification of workers both to determine what businesses have sufficient full-time employees to become covered under these rules, the payment, if any, required under Code Section 4980H’s new employer shared responsibility payment requirements, as well as the workers entitled to benefit from these rules under employer sponsored health plans. Accordingly, These the already significant legal and financial consequences for employers that misclassify workers will rise significantly when ACA gets fully implemented beginning in 2014.

Consider VCP Program Relief In Context Of Other Worker Classification Risks

As part of a broader effort to get businesses properly to classify and fulfill tax and other responsibilities to workers, the IRS is offering certain qualifying businesses an opportunity to resolve payroll liabilities arising from past worker misclassifications under the VCS Program. The VCS Program settlement opportunity emerged in 2011 as worker misclassification amid rising scrutiny and enforcement by the IRS and other agencies against businesses for misclassification related violations of the Code, wage and hour, safety, discrimination, immigration and various other laws.

Touted by the IRS as providing “greater certainty for employers, workers and the government,” the VCS Program offers businesses that meet the eligibility criteria for the program the option to resolve past payroll tax liability for the misclassified workers by paying a settlement payment of just over one percent of the wages paid to the reclassified workers for the past year and by meeting other program criteria. When a business meets the VCS Program requirements, the IRS promises not to conduct a payroll tax audit or assess interest or penalties against the business for unpaid payroll taxes for the previously misclassified workers covered by the VCS Program. For more detail, see New IRS Voluntary IRS Settlement Program Offers New Option For Resolving Payroll Tax Risks Of Misclassification But Employers Also Must Manage Other Legal Risks; Medical Resident Stipend Ruling Shows Health Care, Other Employers Should Review Payroll Practices; Employment Tax Takes Center Stage as IRS Begins National Research Project , Executive Compensation Audits.

The IRS hoped the threat of much larger liability if the IRS catches their misclassification in an audit would induce businesses to settle their exposure and come into compliance by participating in the VCS Program.

Part of the low participation stemmed from restrictions incorporated into the VCS Program. Not all businesses with misclassified workers qualified to use the program. The original criteria to enter the VCS Program established in 2011 required that a business:

Be treating the workers as nonemployees;
Consistently have treated the workers in the past as nonemployees;
To have filed all required Forms 1099 for amounts paid to the workers;
Not currently be under IRS audit;
Not be under audit by the Department of Labor or a state agency on the classification of these workers or contesting the classification of the workers in court; and
To agree to extend the statute of limitations on their payroll tax liabilities from three to six years.

After only about 1000 employers used the VCS Program to voluntarily resolve their payroll tax liability for misclassified workers, the IRS modified the program in hopes of making participation more attractive to businesses in Announcement 2012-45. As modified by Announcement 2012-45, employers under IRS audit, other than an employment tax audit, now qualify for the VCS Program. Announcement 2012-45 also eliminates the requirement that employers agree to extend their statute of limitations on payroll tax liability from three to six years.

A business that meets these adjusted criteria for participation now follows the following steps to enter the VCS Program:

Files the Form 8952, Application for Voluntary Classification Settlement Program, at least 60 days before the business plans to begin treating the workers as employees;
Adjusts its worker classification practices prospectively with respect to the previously misclassified workers;
Pays the required settlement fee; and
Properly classifies workers going forward.

While these changes may make participation in the VCS Program more attractive to some employers, many employers may view use of the VCS Program as too risky because of uncertainties about the proper classification of certain workers in light of the highly fact specific nature of the determination, as well as concerns about the effect that use of the VCS Program might have on the businesses non-tax misclassification exposures for workers that would be reclassified under the VCS Program.

Uncertainties Complication Worker Classification Risk Management

One of the biggest challenges to getting businesses to change their worker classifications is getting the businesses to accept the notion that long-standing worker classification practices in fact might not be defensible.

Although existing precedent and regulatory guidance makes clear that certain long-standing worker classification practices of many businesses would not hold up if scrutinized, business leaders understandably often discount the risk because these classifications historically have continued with little or no challenge in the past.

Even when business leaders recognize that changing enforcement patterns merit reconsideration of historical worker classification practices, they may be reluctant to reclassify the workers.

The common law employment test applied to decide if a worker is an employee for payroll, income tax, employee benefit plan and other purposes under the Code often relies on a subjective, highly fact-specific analysis of the particular circumstances of the worker. Employment status typically is presumed under the common law test for purposes of the Code and most other laws. This means that the business, rather than the IRS or other agency, generally bears the burden of proving the correctness of its classification of a worker as a non-employee for purposes of these determinations.

Given the business typically bears the burden of proving a worker is not an employee, a business receiving services from workers performing services in a capacity other than as a employee should ensure that the position in structural form and operation will withstand scrutiny under the common law and other applicable tests and retain the necessary evidence to support this characterization in anticipation of a potential future audit or other challenge.

Since the business can expect to bear the burden of proving the appropriateness of a nonemployee characterization, businesses also should exercise special care to avoid relying upon overly optimistic assessment of the facts and circumstances when assessing the defensibility of their characterization of the position.

When the factual evidence creates significant questions about the defensibility of a worker’s classification as a non-employee, an employing business generally should consider reclassifying or restructuring the position to be more defensible pursuant to a process designed to mitigate or resolve risks of the prior classification. Often, it also may be desirable for the business to incorporate certain contractual, compensation and other safeguards into the worker relationship, both to support the nonemployee characterization and to minimize future reclassification challenges and exposures.

Consider Importance of Attorney-Client Privilege As Risk Management Tool

Because of the broad reaching and potentially significant liability exposures arising from misclassification, business leaders generally should work to ensure that their risk analysis and decision-making discussion is conducted in a way that positions these discussions for protection under attorney-client privilege and attorney work product privilege.

The availability of the attorney-client and other evidentiary privilege to help shield the investigation and associated decision-making is particularly important because of the potentially significant civil and even criminal liability exposures that often arise from worker misclassification under various relevant laws.

The interwoven nature of the tax and non-tax risks merits particular awareness by business leaders of the need to use care in deciding the outside advisors and consultants that will help in the evaluation of the risks and structuring of solutions. With the VCS Program and other tax exposures in the limelight, businesses can expect that their accounting and other consultant advisors will recommend and even offer to lead the review. While appropriately structured involvement by these non-legal consultants can be a valuable tool, the blended nature of the misclassification exposures means that the evidentiary privileges that accountants often assert to help shield their tax related discussions from discovery in certain federal tax prosecutions are likely to provide inadequate protection against discovery given the broad non-tax related exposures inherent in the misclassification problem. For this reason, business leaders are urged to require that any audits and other activities by these non-legal consultants to evaluate or mitigate these exposures be engaged and conducted whenever possible within attorney-client privilege to protect and promote the ability to assert evidentiary protections against disclosure and discovery of sensitive discussions. Accordingly, while businesses definitely should incorporate appropriate tax advisors into the evaluation process, most businesses before commencing meaningful discussions with or engaging assessments by their accounting firm or other non-attorney tax advisor will want to engage counsel and coordinate their accounting and other non-attorney tax advisors” involvement and activities through qualified legal counsel to protect and maximize the ability to conduct the analysis of their risks and options within the protection of attorney-client privilege.

For Help With These Or Other Matters

If you need assistance in conducting a risk assessment of or responding to an IRS, Labor, HHS, DOJ, ICE, private claim or other legal challenges to your organization’s existing workforce classification or other labor and employment, employee benefit, compensation practices, compliance, or other internal controls and management concerns, please contact the author of this update, attorney Cynthia Marcotte Stamer.

A board certified labor and employment attorney widely known for her extensive and creative knowledge and experience worker classification and other employment, employee benefits and workforce matters, Ms. Stamer has more than 25 years experience advising and representing employer, employee benefit and other clients before the Internal Revenue Service, the Department of Labor, Immigration & Customs, Justice, and Health & Human Services, the Securities and Exchange Commission, Federal Trade Commission, state labor, insurance, tax and attorneys’ general, and other agencies, private plaintiffs and others on worker classification and related human resources, employee benefit, tax, internal controls, risk management and other legal and operational management concerns.

Ms. Stamer works extensively with employers, employee benefit plan sponsors, insurers, administrators, and fiduciaries, payroll and staffing companies, technology and other service providers and others to develop and run legally defensible programs, practices and policies that promote the client’s human resources, employee benefits or other management goals.

A Fellow in the American College of Employee Benefits Council, the immediate past Chair and current Welfare Benefit Committee Co-Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Committee, a Council Representative on the ABA Joint Committee on Employee Benefits, the Vice Chair of the ABA TIPS Employee Benefits Committee, the Gulf States Area TEGE Council Exempt Organizations Coordinator, past-Government Affairs Committee Legislative Chair for the Dallas Human Resources Management Association, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, and the editor and publisher of Solutions Law Press HR & Benefits Update and other Solutions Law Press Publications, Ms. Stamer also is a widely published author and highly regarded speaker on these and other employee benefit and human resources matters who is active in many other employee benefits, human resources and other management focused organizations who is published and speaks extensively on worker classification and related matters. She is recognized for her publications, industry leadership, workshops and presentations on these and other human resources concerns and regularly speaks and conducts training on these matters. Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, and many other national and local publications.

You can learn more about Ms. Stamer and her experience, find out about upcoming training or other events, review some of her past training, speaking, publications and other resources, and register to receive future updates about developments on these and other concerns from Ms. Stamer at www.CynthiaStamer.com.

About Solutions Law Press

1 Comment | 105(h), Cafeteria Plans, COBRA, Corporate Compliance, Disability, Disability, Disability Plans, Discrimination, Employee Benefits, Employers, Employment Tax, ERISA, Fair Labor Standards Act, family leave, FMLA, Government Contractors, Health Plans, HIPAA, Human Resources, I-9, Immigration, Income Tax, Insurance, Internal Controls, Internal Investigations, Labor Management Relations, Leave, medical leave, Military Leave, Nonresident aliens, OSHA, Payroll Tax, Restructuring, Retirement Plans, Tax, Tax Qualification, Unemployment Benefits, Unemployment Insurance, Union, VEVRRA, Wage & Hour | Tagged: contract labor, Determination Letters, Employee, Employee Benefits, Independent Contractor, leased employee, misclassificaton, payroll tax, plan qualification, Retirement Plans, staffing, Tax, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

13 Employer Tips For Coping With Health Care Reform Now!

March 5, 2013

Since the Supreme Court’s June 28, 2012 National Federation of Independent Business v. Sebelius health care reform ruling upholding the “pay or play” mandates of the Patient Protection & Affordable Care Act (ACA), most business leaders, plan fiduciaries, health insurers, administrators of employment-based group health plans have accepted the need to prepare for health care reform changes taking effect in 2014.

Unfortunately, delays in the release of anticipated regulatory guidance, the development and implementation of federal and state exchanges and other regulatory and market reforms have made it difficult for many businesses to understand their obligations, options, and their associated costs.

Most business and industry leaders report frustration with the continuing lack of clarity and uncertainty about rules and costs. Meanwhile, sequester just made life (and costs) worse for many small employers whose current 2013 health plan budget depends upon plans to benefit from he Small Business Health Care Tax Credit (SBHCTC) enacted as part of ACA.

Despite these continuing uncertainties and challenges, the impending January 1, 2014 deadline for compliance doesn’t allow most businesses the luxury for waiting for clarification. To complete the necessary arrangements, businesses unfortunately must decide the direction they plan to take and start working to implement their choice despite these existing uncertainties while managing their existing health benefit programs and costs through 2013.

Small Employers Relying On Health Plan Tax Credit Should Adjust Budgets In Response To Sequester Cut

For small employers and tax-exempt employers counting on the Small Business Health Care Tax Credit (SBHCTC) enacted as part of ACA to afford health care coverage for their employees, health benefit planning needs to begin with determining and dealing with any new problems that an almost 9% cut in the 2013 SBHCTC tax credit triggered by sequester may have on the amount of the credit for the current 2013 tax year.

ACA added the SBHCTC to the Internal Revenue Code (Code) to help and encourage qualifying small businesses to provide health coverage for their employees. For tax years 2010 through 2013, the maximum credit is 35 percent for a qualifying small business employer and 25 percent for small tax-exempt employers such as charities. See IRS 3 Simple Steps Publication for help estimating the credit. An enhanced version of the credit is scheduled to increase the tax credit rate to 50 percent and 35 percent, respectively in 2014.

Many small businesses are unaware that sequester automatically cut their 2013 SBHCTC tax credit. Under the sequester requirements of the Balanced Budget and Emergency Deficit Control Act of 1985, as amended, certain automatic budget cuts went into effect on March 1, 2013. These required cuts include an 8.7% reduction to the refundable part of the SBHCTC for otherwise qualifying small employers under Code Section 45R. As a result, qualifying employers counting on the SBHCTC credit to pay for employee health coverage need to know that this credit effectively is reduced by 8.7% percent. The sequestration reduction rate will apply until the end of the fiscal year on September 30, 2013 or intervening Congressional action, at which time the sequestration rate is subject to change.

Health Care Reform Coping Steps For All Businesses

While the sequester SBHCTC cut uniquely affects small businesses employing 25 or fewer workers, almost all businesses regardless of size are struggling to cope with the challenges of health care reform. The following steps may be helpful for many businesses working to chart a path for moving forward amid these uncertainties:

1. Know Your Workforce & Proper Worker Classifications For Purposes of Health Plan Rules

Whether and how ACA’s “pay-or-play” employer shared responsibility payment, default enrollment, insured health plan non-discrimination and other federal health plan rules apply to your company’s health plan requires a correct understanding of what workers considered employed by your business and how these workers are counted and classified for purposes of ACA and other federal health plan mandates is the first step to projecting the potential costs and liabilities of your business under Code Section 4980H.

Trying to predict the employer shared responsibility payment, if any under Code Section 4980H or model the burden or cost of any other federal health benefit mandate requires each business know who counts and how to classify workers for each of these rules. Most of these rules start with a “common law” definition of employee then apply rules to add or ignore various workers. Because most federal health plan rules also take into account “commonly controlled” and “affiliated” businesses’ employees when determining rule coverage, businesses also may need to know that information for other related or commonly owned businesses.

2. Make Rough Cost Projection To Preliminarily Decide Whether To “Pay” or “Play”

Under ACA, each business retains the option not to offer any health coverage for any employee or employee groups provided the business can tolerate the resulting consequences. When a business along with all commonly controlled or affiliated employers, if any, employ a combined workforce of 50 or more “full-time” and “full-time equivalent employees” (Large Employer) does not offer “affordable,” “minimum essential coverage” to every full-time employee and his dependents under a legally compliant health plan that provides “minimum essential value” within the meaning of ACA after 2013, the business generally should expect to pay a shared responsibility payment under Code Section 4980H for each month after 2013 that any “full-time” employee receives a tax subsidy or credit for enrolling in one of ACA’s health care exchanges. The amount of this required shared responsibility payment will be calculated under Code Section 4980H based on the plan design and coverage the employer health plan offers and the required employee contribution for employee only coverage. Consequently, most businesses should project the relative cost to their business of paying the shared responsibility payment under Code Section 4980H against the cost of providing coverage to decide if it makes sense to even consider continuing to offer health coverage.

While not yet final, recently proposed Internal Revenue Service (IRS) regulations that would implement Code Section 4980H (4980H Regulations) provide a fairly good roadmap for business leaders to use to project their likely shared responsibility payment if the business assumes that the cost of offering coverage to avoid paying the shared responsibility payment will not be less than its existing health plan costs. Starting with this assumption, the 4980H Regulations provide some roadmap that the business can use to project its likely shared responsibility payment if the business fails to offer health coverage under a plan offering minimum essential coverage to each full-time employee and their dependents. Using this assumption, a businesses also can get a rough comparison of the projected cost difference per full-time employee if the offers a plan providing minimum essential coverage to all full-time employees and their dependents with minimum essential value that turns out to be “unaffordable” to some of these employees under ACA.

While refinement of the data in the time and other employment records might help a business refine these estimates, the preliminary projections made using existing data and these assumptions generally will help a business decide if it wants to go ahead under the assumption it will pay or play. If the business plans only to pay the shared responsibility payment, its efforts should focus on collecting and retaining the data needed to prove compliance and minimize its liability by planning its workforce and taking advantage of any safe harbor or other elections available to it under the 4980H Regulations for counting and classifying its workers.

3. If Business Decides To Offer Health Coverage After 2013, Decide Plan Design

If the business intends to continue to offer health coverage, the business also needs to decide the plan coverage and terms of that plan. In all cases, any health coverage offered generally must be designed so the business prudently can afford to pay benefit and administration costs of the plan and also meet all applicable mandates. The mandates applicable to the plan generally are based on the size of the employer as determined by the applicable federal rules.

Within these parameters, the business generally has the following choices:

Offer health plan that provides minimum essential coverage with minimum essential value to all full-time employees, but pay a shared responsibility payment for full-time employees electing exchange coverage whose employee only contribution would be considered “unaffordable” under ACA because it exceeds 9.5% of their wages;
Offer health plan that provides minimum essential coverage with minimum essential value to all full-time employees, and subside the cost of coverage for any low-paid workers as necessary to prevent that coverage from being unaffordable for any worker;
Offer a health plan providing minimum essential coverage to some but not all full-time employees and pay the shared responsibility payment calculated under Code Section 4980H(b) for any full-time employee that elects coverage under the exchange to whom the plan is either unaffordable or doesn’t offer minimum essential coverage; or
Some combination of these options, designed to meet the other federal health plan rules applicable for health plans offered by businesses employing that number of workers.

When making these decisions, uncertainty about the cost of coverage, the income of the workers, and which low-income employees, if any, actually will choose to enroll in the health plan versus choose to get coverage from the exchange creates some uncertainty to the predictions. As guidance continues to emerge, however, the modeling of these issues becomes increasingly more reliable. In the meantime, businesses that plan to continue to offer coverage must make their best guess to project costs and design their health programs while keeping a careful eye on the emerging guidance and market cost data.

4. Understand The Cast Of Characters & What Hat(s) (Including You) They Wear

Employers and their management rely upon many vendors and advisors and assumptions when making plan design and risk management decisions. Many times, employer and members of their management unknowingly assume significant risk because of misperceptions about these allocations of duties and operational and legal accountability. Business and plan leaders need a correct understanding of these roles and responsibilities to understand the risks and to what extent they can rely upon a vendor or advisor to properly design and administer a health plan or carry out related obligations, what risks cannot be delegated, and how to manage these risks.

Under the Employee Retirement Income Security Act (ERISA), any party that exercises discretion or control over health plan administration, funds or certain other matters generally is considered a plan “fiduciary.” Fiduciaries generally are personally liable for prudently and appropriately administering their health plan related responsibilities prudently in accordance with ERISA and other applicable laws and the plan terms. Knowing who is acting as a fiduciary and understanding those duties and liabilities and how to manage these risks significantly affects the exposure that an employer or member of its management risks as a result of an employer’s sponsorship in a group health plan or other employee benefit program. Also, knowing what duties come first and how to prove that the fiduciary did the right thing is key to managing risks when an individual who has fiduciary responsibilities under ERISA also is responsible for carrying out other management duties of the sponsoring employer, a vendor or elsewhere that carries duties or interests that conflict with his health plan related fiduciary duties.

The plan sponsor or members of its leadership, a service provider or members of their staff generally may be a fiduciary for purposes of ERISA if it either is named as the fiduciary, it functionally exercises the discretion to be considered a fiduciary, or it otherwise has discretionary power over plan administration or other fiduciary matters. Many plan sponsors and their management unwittingly take on liability that they assume rests with an insurer or service provider because the company or members of its management are named as the plan administrator or named fiduciary with regard to duties that the company has hired an insurer or service provider to provide or allowed that service provider to disclaim fiduciary or discretionary status with regard to those responsibilities. Management also can have fiduciary exposure based on their authority for selecting plan fiduciaries and vendors.

Also, by not knowing who the fiduciaries are, plans and their fiduciaries often fail to confirm the eligibility of some parties serving as fiduciaries, to arrange for bonding of service providers or fiduciaries as required to comply with Title I of ERISA. Failing to properly understand when the plan sponsor, member of its management or another party is or could be a fiduciary can create unnecessary and unexpected risks and lead to reliance upon vendors who provide advice but leave the employer or a management member holding the bag for resulting liability.

A correct understanding of the risks and who bears them is critical to understand the risks, opportunities to mitigate risk through effective contracting or other outsourcing, when outsourcing does not effectively transfer risks, where to invest resources for contract, plan or process review and changes or other risk management, and where to expect costs and risks and implement processes and procedures to deal with risks that cannot be outsourced or managed.

5. Know What Rules Apply To Your Plan, The Sponsoring Employer, The Plan Its Fiduciaries & Plan Vendors & How This Impacts You & Your Group Health Plan

The requirements for health plans and the resulting liabilities have undergone continuous changes. ACA adds to an already extensive list of complicated federal rules about health plans and their administration. ACA, the Code, ERISA, the Social Security Act, the Privacy, Security, and Administrative Simplification and Breach Notification rules of the Health Insurance Portability & Accountability Act (HIPAA) and various other federal laws also impose certain health plan related obligations and liabilities on health plan fiduciaries, their employer or other health plan sponsors and other parties. These ever-expanding requirements increasingly impose civil or criminal sanctions, excise tax or other liability on plan administrators or other parties for failing to maintain legally compliant plans, file required reports, give required notifications or meet other requirements. In many instances, this includes a requirement to know and self-report violations of some of these federal rules.

Beyond these exposures, employers who sponsor group health plans that violate certain federal group health plan mandates have a duty to self-report certain regulatory plan failures and pay excise taxes where such failures are not corrected in a timely fashion once discovered, or are due to willful neglect. Code Section 6039D imposes excise taxes for failure to comply with health care continuation (COBRA) , health plan portability (HIPAA), genetic nondiscrimination (GINA), mental health parity (MHPAEA) , minimum hospital stays for newborns and mothers (Newborns’ and Mothers’ Health Protection Act), coverage of dependent students on medically necessary leaves of absence (Michelle’s Law), health savings account (HSA) and Archer medical savings account (Archer MSA) contribution comparability and various other federal requirements incorporated into the Internal Revenue Code.

Since 2010, IRS regulations have required employers sponsoring group health plans not complying with mandates covered by Internal Revenue Code Section 6039D to self-report violations and pay related excise taxes. Under these regulations, the sponsoring employer (or in some cases, the insurer, HMO or third-party administrator) must report health plan compliance failures annually on IRS Form 8928 (“Return of Certain Excise Taxes Under Chapter 43 of the Internal Revenue Code”). Beyond any specific liability under ERISA or the particular law for such violations, the potential excise tax liability that can result under these provisions can be significant. For example, COBRA, HIPAA, and GINA violations typically carry excise tax liability of $100 per day per individual affected. Compliance with applicable federal group health plan mandates is critical to avoid these excise taxes as well as other federal group health plan liabilities.

6. Update Health Plan Documents, SPDs & Other Communications, Administrative Forms & Procedures, Contracts & Processes To Meet Requirements & Manage Exposures

Along with knowing what rules apply, timely updating written plan documents, communications and administration forms, administrative practices, contracts and other health plan related materials processes and procedures has never been more critical.

A tightly written plan document and other plan communications have never been more important. Federal law generally requires that health plan be established, maintained and administered in accordance with legally complaint, written plan documents and impose a growing list of standards and requirements governing the design and administration of these programs. In addition to the existing and impending ACA mandates, ERISA, the Code , the Social Security Act, federal eligibility and coverage continuation mandates of laws like the Consolidated Omnibus Budget Reconciliation Act (COBRA), the Uniformed Services Employment and Reemployment Rights Act (USERRA), the Health Insurance Portability & Accountability Act, the Family & Medical Leave Act, the Genetic Information and Nondiscrimination Act (GINA), Michelle’s Law, mental health parity and other laws regulate the eligibility, coverage, administration and other design features of employment-based health plans and their administration. ACA and other laws also require that employers, health plan administrators and fiduciaries protect the privacy of data, as well as comply with claims and appeals, communication, fiduciary responsibility, bonding, record keeping, reporting and other requirements.

Failing to update documents, communications, administrative forms and processes and other materials and practices can unleash a host of exposures. ERISA requires that that all material plan terms be set forth in a written plan document. Many other federal health plan mandates require that this plan document include certain specific provisions. Beyond these mandated terms, the ability to uphold and enforce plan terms often can be hurt or hindered by the tightness or sloppiness of the plan language.

Among other things, noncompliant plan documents, communications and practices can trigger unanticipated costs and liabilities by undermining the ability to administer plan terms and conditions. They also may expose the plan, plan fiduciaries and others to lawsuits, administrative enforcement and sanctions and other enforcement liabilities.

For this purpose of deciding what and how much to do, it is critical to keep in mind the devil is in the details. Not only must the documentation meet all technical mandates, the language, its clarity and specificity, and getting the plan document to match the actual processes that will be used to administer the plan and ensuring that the plan documents and processes match the summary plan description, summary of benefits and coverage, administrative forms and documentation and other plan communications and documentation in a legally compliant way significantly impacts the defensibility of the plan terms and the expense that the plan, its sponsor and fiduciaries can expect to incur to defend it.

7. Clean Up Claims and Appeals, SPDs & Other Practices To Enhance Defensibility

Proper health plan claims and appeals plan and summary plan description language, procedures, processing, notification and documentation is critical to maintain defensible claims and appeals decisions required to enforce plan terms and manage claims denial related liabilities and defense costs. Noncompliance with these requirements may prevent health plans from defending their claims or appeals denials, expose the plan administrator and plan fiduciaries involved or responsible for these activities to penalties, prompt unnecessary lawsuits, Labor Department enforcement or both; and drive up plan administration costs.

Unfortunately, most group health plans, their insurers and administrators need to substantially strengthen their plan documentation; handling; timeliness; notifications and other claims denials; and other claims and other appeals processes and documentation to meet existing regulations and otherwise strengthen their defensibility.

Among other things, existing court decisions document that many plans existing plan documents, summary plan descriptions and explanations of benefits, claims and appeals investigations and documentation and notifications often need improvement to meet the basic plan document, summary plan description and reasonable claims rules of the plan document, summary plan description, fiduciary responsibility, reasonable claims and appeals procedures of ERISA and its implementing regulations. Court precedent shows that inadequate drafting of these provisions, as well as specific provisions coverage and benefit provisions frequently undermines the defensibility of claims and appeals determinations. In addition to requiring that claims be processed and paid prudently in accordance with the terms of written plan documents, ERISA also requirements that plan fiduciaries decide and administer claims and appeals in accordance with reasonable claims procedures.

Although the Labor Department updated its regulations implementing this reasonable claims and appeals procedure requirement more than 10 years ago, the Department of Labor updated its ERISA claims and appeals regulations to include detailed health plan claims and appeals requirements, many group health plans, their administrators and insurers still have not updated their health plans, summary plan descriptions, claims and appeals notification, and claims and appeals procedures to comply with these requirements.

These omissions only become more significant under ACA. The external review and other detailed additional requirements that the Affordable Care Act dictates that group health plans not grandfathered from its provisions and its provisions holding these non-grandfathered plans strictly liable for deficiencies in their claims and appeals procedures makes the need to address inadequacies even more imperative for those non-grandfathered group health plans. Inadequate attention to these concerns can force a plan to pay benefits for claims otherwise not covered as well as additional defense costs and penalties.

8. Consistency Matters: Build Good Plan, Then Follow It

Defensible health plan administration starts with the building and adopting strong, legally compliant plan terms and processes that are carefully documented and communicated in a prudent, legally compliant manner. The next key is to actually use this investment by conducting plan administration and related operations consistent with the terms and allocated responsibilities to administer the plan in a documented, legally compliant and prudent manner.

Good documentation and design on the front end should minimize ambiguities in the meaning of the plan and who is responsible for doing what when.

With these tools in place, delays and other hiccups that result from confusion about plan terms, how they apply to a particular circumstance or who is responsible for doing what, when should be minimized and much more easily resolved by timely, appropriate action by the proper responsible party. This facilitation of administration and its consistency can do much to enhance the defensibility of the plan and minimize other plan related risks and costs.

9. Ensure Correct Party Carries Out Plan and Communications Plan Functions And Communications Compliant, Timely, Prudent, Provable Manner

Having the proper party perform plan related responsibilities and respond to claims and inquiries in a compliant, timely, prudent manner is another key element to managing health plan risk and promoting enforceability. Ideally, the party appointed to act as the named fiduciary for purposes of carrying out a particular function also should conduct all plan communications regarding that function in terms that makes clear its role and negates responsibility or authority of others.

When an employer or other plan sponsor goes to the trouble to appoint a committee, service provider or other party to serve as the named fiduciary then chooses to communicate about the plan anyway, the Supreme Court in FMC v. Halliday made clear it runs the risk that the plan related communications may be considered discretionary fiduciary conduct for which it may be liable as a functional fiduciary. Meanwhile, these communications by nonfiduciaries also may create binding obligations upon the plan and its named fiduciaries to the extent made by a plan sponsor or conducted by a staff member or service provider performing responsibilities delegated by the plan fiduciary.

Beyond expanding the scope of potential fiduciaries, communications conducted by nonfiduciaries also tend to create defensibility for many other reasons. For instance, allowing unauthorized parties to perform plan functions may not comport with the plan terms, and are less likely to create and keep required documentation and follow procedures necessary to promote enforceability. Also, the communications, decisions and other actions by these nonfiduciary actors also are unlikely to qualify for discretionary review by the courts because grants of discretionary authority, if any in the written plan document to qualify the decisions of the named fiduciary for deferential review by courts typically will not extend to actions by these nonfiduciary parties. Furthermore, the likelihood that the communication or other activity conducted will not comply with the fiduciary responsibility or other requirements governing the performance of the plan related functions is significantly increased when a plan sponsor, service provider, member of management, or other party not who has not been appointed or accepted the appointment act as a named fiduciary undertakes to speak or act because that party very likely does not accept or fully appreciate the potential nature of its actions, the fiduciary and other legal rules applicable to the conduct, and the potential implications for the nonfiduciary actor, the plan and its fiduciaries.

10. Clean Up Date Collection, Protection & Reporting

Existing and impending ACA and other federal mandates require that group health plans, their sponsors collect, maintain and administer is exploding. Existing eligibility mandates, for example, already require that plans have access to a broad range of personal identifying, personal health and a broad range of other sensitive information about employees and dependents who are or may be eligible for coverage under the plan.

While employers and their health plans historically have collected and retained the names, place of residence, family relationships, social security number, and other similar information about employees and their dependents, these data collection, retention and reporting requirements have and will continue to expand dramatically in response to evolving legal requirements.

Already, health plans also from time to time need employee earnings, company ownership, employment status, family income, family, medical, military, and school leave information, divorce and child custody, enrollment in Medicare, Medicaid and other coverage and a broad range of other additional information. Under the ACA, these data needs will explode to include a whole new range of information about total family income, availability and enrollment in other coverage, cultural and language affiliations, and many other items.

Collecting, retaining and deploying this information will be critical to meeting existing and new plan administration and reporting requirements. How this data collection is conducted, shared, safeguarded against misuse or other legally sensitive contact by the employer, service providers, the plan and others will be essential to mitigate exposures to federal employment and other nondiscrimination, HIPAA and other privacy, fiduciary responsibility and other legal risks and obligations.

To the extent that payroll providers, third party administrators or other outside service providers will participate in the collection, retention, or use of this data, time also should be set aside both to conduct due diligence about their suitability, as well as to negotiate the necessary contractual arrangements and safeguards to make their involvement appropriate.

Finally, given the highly sensitive nature of this data, employers, health plans and others that will collect and use this data will need to implement appropriate safeguards to prevent and monitor for improper use, access or disclosure and to conduct the necessary training to suitably protect this data.

11. Monitor, Assess Implications & Provide Relevant Input to Regulators About Emerging Requirements & Interpretive Guidance Implementing 2014 Affordable Care Act & Other Mandates.

While the Supreme Court’s decision upheld as Constitutional ACA’s individual and employer shared responsibility mandates as a tax, many opportunities to impact its mandates remain.

Beyond the highly visible, continuing and often heated debates ranging in Congress and the court of public opinion on whether Congress should change its provisions, a plethora of regulatory interpretations issued or impending release by the implementing agencies, the IRS, HHS and Labor Department, and state insurance regulators will significantly impact what requirements and costs employers, insurers, individuals and governments will bear when the law takes effect. Businesses sponsoring health plans should carefully scrutinize this regulatory guidance and provide meaningful, timely input to Congress, the regulators or both as appropriate to help influence the direction of regulatory or Congressional actions that would materially impact these burdens.

12. Help Employees & Their Families Build Their Health Care Self-Management Skills

Whether or not your company plans to continue to sponsor employee health coverage after 2014, providing training and tools to help employees and their families strengthen their ability to understand and manage their health, health care needs and benefits can pay big dividends. Beyond the financial costs to employees and employers of paying to care for a serious illness or injury, productivity also suffers while employees dealing with their own or a family member’s chronic or serious health care condition. Wellness programs that encourage and support the efforts of employees and their families to stay healthy may be one valuable component of these efforts. Beyond trying to prevent the need to cope with illness behind wellness programs, however, opportunities to realize big financial, productivity and benefit value recognition rewards also exist in the too often overlooked opportunity to provide training, education and tools that employees and their families need to better understand and self-manage care, benefits, finances and life challenges that commonly arise when dealing with their own or a family member’s illness. Providing education, tools and other resources that can help employees access, organize and effectively use health care and benefit information to manage care and the consequences of illness, their benefits and how to use them, to participate more effectively in care and care decisions, to recognize and self-manage financial, lost-time and other challenges associated with the illness not addressable or covered by health benefit programs, and other practical skills can help reduce lost time and other productivity impacts while helping employees and their families get the most out of the health care dollars spent.

13. Pack Your Parachute-Plan Your Defense & Exist Strategies

With the parade of expense and liabilities associated with health plans, businesses sponsoring health plans and the management, service providers and others involved in their establishment, continuation, maintenance or administration are well advised to pack their survival kit and develop their exit strategies to position to soften the landing in case their health plan experiences a legal or operational disaster.

Employers and other health plan sponsors and fiduciaries typically hire and rely upon a host of vendors and advisors to design and administer their health plans. When selecting and hiring these service providers, health plan sponsors and fiduciaries are well-advised to investigate carefully their credentials as well as require the vendors to provide written commitments to stand behind their advice and services.

Too often, while these service providers and advisors encourage plan sponsors and fiduciaries to allow the vendor to lead them or even handle on an ongoing basis plan administration services by touting their services, experience, expert systems and process and commitment to stand behind the customer when making the sale or encouraging reliance upon their advice when tough decisions are made, they rush to stand behind exculpatory and on-sided indemnification provisions in their service contracts to limit or avoid liability, demand indemnification from their customer or both when things go wrong.

While ERISA may offer some relief from certain of these exculpatory provisions under some circumstances, plan sponsors and fiduciaries should work to credential service providers and require service providers to commit to being accountable for their services by requiring contracts acknowledge all promised services and standards of quality, require vendors to commit to provide legally compliant and prudently designed and administered services that meet or exceed applicable legal requirements, to provide liability-backed indemnification or other protection for damages and costs resulting from vendor imprudence or malfeasance, to allow for contract termination if the vendor becomes unsuitable for continued use due to changing law or other circumstances and requiring the vendor to return data and other documentation critical to defend past decisions and provide for ongoing administration. Keep documentation about advice, assurances and other relevant evidence received from vendors which could be useful in showing your company’s or plan’s efforts to make prudent efforts to provide for the proper administration of the plan. When concerns arise, use care to investigate and redress concerns in a timely, measured fashion which both shows the prudent response to the concern and reflects sensitivity to the fiduciary and other roles and responsibilities of the employer sponsor and other parties involved.

Get Moving Now

Since many compliance deadlines already have past and the impending deadlines allow plan sponsors and fiduciaries limited time to finish arrangements, businesses, fiduciaries and their service providers need to get moving immediately to update their health plans to meet existing and impending compliance and risk management risks under ACA and other federal laws, decisions and regulations.

Even as businesses move forward to respond to health care reform’s challenges, their leaders should continue to give input to Congress and regulators about the need to improve the rules and reduce business uncertainty and burdens. With many regulations still in proposed or interim form and health care reform and its costs still a concern for many Congressional leaders, significant opportunity still exists to provide input to federal and state regulators on many key aspects of ACA and its relationship to other applicable laws. Businesses and other health plan sponsors, plan fiduciaries, insurers and administrators, and other vendors must stay involved and alert. Zealously monitor new developments and share timely input with Congress and regulators about existing and emerging rules that present concerns and other opportunities for improvement even as you position to respond to these rules before they become fully implemented.

For Help or More Information

If you need help reviewing and updating, administering or defending your group health or other employee benefit, human resources, insurance, health care matters or related documents or practices to respond to emerging health plan regulations, monitoring or commenting on these rules, defending your health plan or its administration, or other health or employee benefit, human resources or risk management concerns, please contact the author of this update, Cynthia Marcotte Stamer.

About Solutions Law Press, Inc.™

Other Helpful Resources & Other Information

2 Comments | 105(h), Bankruptcy, Corporate Compliance, Employee Benefits, Employers, Employment Tax, ERISA, Fair Labor Standards Act, Human Resources, I-9, Immigration, Insurance, Internal Controls, Patient Protection and Affordable Care Act, Payroll Tax, Tax, Uncategorized | Tagged: ACA, Affordable Care Act, Employer, Health Care Reform, Health Plans, Insurance, Patient Protection & Affordable Care Act, Pay or Play, Shared Responsibility | Permalink
Posted by Cynthia Marcotte Stamer

Sequester Will Cut ACA Small Businesses Health Care Tax Credits

March 5, 2013

Even as small and other businesses are struggling to cope with rising rates and impending new rules under the Patient Protection and Affordable Care Act (ACA), small businesses now must deal with being sideswiped by sequester.

Sequester will hurt certain small employers that were counting on the Small Business Health Care Tax Credit (SBHCTC) to afford health care coverage for their employees.

Under the sequester requirements of the Balanced Budget and Emergency Deficit Control Act of 1985, as amended, certain automatic budget cuts went into effect on March 1, 2013. These required cuts include an 8.7% reduction to the refundable part of the SBHCTC for otherwise qualifying small employers under Internal Revenue Code § 45R. As a result, employers qualifying for the SBHCTC should expect to see an 8.7% percent reduction in the amount of reimbursement received for health premiums under the SBHCTC. The sequestration reduction rate will apply until the end of the fiscal year on September 30, 2013 or intervening Congressional action, at which time the sequestration rate is subject to change.

Aside from the effects of sequester, small and other businesses health care costs and responsibilities continue to be shaped by a deluge of new rules rolling out under ACA, the Health Insurance Portability & Accountability Act (HIPAA), the Family & Medical Leave Act, and a host of other laws. Stay tuned here for more updates.

For Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

If you need help with other health and health plan related regulatory policy or enforcement developments, or to review or respond to these or other human resources, employee benefit, or other compliance, risk management, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer may be able to help.

Nationally recognized as a knowledgable and innovative health benefit thought leader by business and government leaders for her extensive work, publications and leadership on health benefit and insurance and other related employee benefits, insurance, human resources and health care matters, Ms. Stamer has advised and defended employer and other health plan sponsors, administrators and fiduciaries, insurers, and others about benefit design, compliance, administration and defense for more than 25 years. Her work includes highly pragmatic, leading edge work helping clients to design, deploy, administer and defend catastrophic, mini-med, expatriate and medical tourism, occupational injury and 24-hour coverage, HRA, HSA HFSA and other defined contribution, Medicare Advantage, and other health plans, policies and practices to comply with the Affordable Care Act, HIPAA, ERISA, COBRA, Mental Health Parity, Internal Revenue Code, labor and employment, privacy, managed care and insurance and other federal and state laws and regulations.

In addition to her extensive legal resume, Ms. Stamer also is a highly regarded industry thought leader and author with extensive involvement in the leadership of a broad range of professional and civic organizations. For instance, Ms. Stamer is the founder and executive director of the Coalition for Responsible Health Care Policy and its PROJECT COPE; The Coalition on Patient Empowerment; a Fellow in the American College of Employee Benefits Counsel, the American Bar Association and the State Bar of Texas; Past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group; the Immediate Past Chair of the ABA RPTE Employee Benefit & Other Compensation Committee and the current ABA RPTE Employee Benefit & Other Compensation Committee Welfare Benefits Committee Co-Chair; a Council Member of the ABA Joint Committee on Employee Benefits; Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; Immediate Past Gulf States Area TEGE Council Exempt Organization Coordinator; a current or former Editorial Advisory Board Member of Insurance Thought Leadership, HR.com, Employee Benefit News, the BNA Employee Benefits CD-Rolm and various other BNA HR and Employee Benefits publications; a former national board member and Dallas Chapter President of WEB, Network of Benefits Professionals; a former Southwest Benefits Association Board Member; the past Dallas HR Government Relations Committee Chair; a former SHRM Region IV Board Member and National Consultants Forum Board Member,; past Dallas Bar Association Employee Benefits & Compensation Committee Chair, and a former Texas Association of Business State Board and Regional and Dallas Chapter Chair.

For help with these or other compliance concerns, to ask about compliance audit or training, or for legal representation on these or other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Comments Off on Sequester Will Cut ACA Small Businesses Health Care Tax Credits | Corporate Compliance, Employers, Excise Tax, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Payroll Tax, Privacy, Risk Management, Tax, Tax Credit | Tagged: ACA, Employer, Employers, Employment, Health Care Reform, Health Plans, Labor Department, PPACA, Small Business Health Care Tax Credit, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

OSHA Citation Of Michigan VA Reminder To Manage Workplace Safety

March 1, 2013

The U.S. Department of Labor’s Occupational Safety and Health Administration (OSHA) citation of the Battle Creek Veterans Administration Medical Center, following a safety inspection conducted in July as part of OSHA’s Federal Agency Targeting Inspection Program for seven notices of unsafe or unhealthful working conditions reminds employers that OSHA expects employers to maintain safe workplaces.

Under the Occupational Safety and Health Act, federal agencies must comply with the same safety standards as private-sector employers. According to OSHA, its inspection uncovered several repeat safety violations, as well as certain other serious safety violations.

OSHA reports that three repeat safety violations involved failing to evaluate the workplace to identify if permit-required confined spaces were present and label such spaces with danger signs; failing to adequately guard automated laundry equipment to prevent employees from entering the work area, and failing to fully guard the belt and pulley of an air compressor. To issue notices for repeat violations, OSHA must have issued at least one other notice for the same violation at one of the agency’s establishments within the same standard industrial classification code, commonly known as the SIC code. OSHA previously has cited U.S. Department of Veterans Affairs facilities in Danville and North Chicago, Illinois, and Minneapolis, Minnesota for the same safety and health violations.

The serious safety violations found included three serious safety violations for unguarded floor openings in the general repair shop; failing to inspect powered industrial trucks prior to placing them in service, and failing to remove trucks from service in need of repair. Additionally, OSHA found a circuit breaker panel was not mounted correctly. OSHA issues a serious notice when it finds a substantial probability that death or serious physical harm could result from a hazard about which the employer knew or should have known.

Beyond the repeated and serious violations, OSHA reports it also found one other-than-serious violation for failing to close unused openings on electrical cabinets and junction boxes. An other-than-serious violation is one that has a direct relationship to job safety and health, but probably would not cause death or serious physical harm.

The medical center has 15 business days from receipt of the notices to comply, request an informal conference with OSHA’s area director or appeal the notices by submitting a summary of the agency’s position on the unresolved issues to OSHA’s regional administrator.

While the medical center and other federal agencies are required to comply with the same OSHA rules as private sector employers, the VA and other federal agencies don’t face the same liabilities when cited. OSHA cannot propose monetary penalties against another federal agency for failure to comply with OSHA standards.

The risks for private sector employers is illustrated by another recent OSHA. OSHA recently cited Riddell All-American Sports Co. with eight serious violations following an OSHA investigation, which found that the company exposed workers to multiple safety and health hazards at its San Antonio facility. The violations include failing to ensure electrical equipment was free from recognized hazards, provide adequate machine guarding while employees operate industrial sewing machines and provide a fall protection program to prevent falls from the basket of a powered industrial truck. The Elyria, Ohio-based company, which employs about 25 workers in San Antonio, paints helmets for various sports. Proposed penalties total $44,000. Read the News Release.

Since private sector employers that don’t enjoy the VA’s immunity liability run much greater risks for failing to maintain workplace safety, including significant civil and in the case of a workplace death, potentially even criminal penalties, private sector hospitals and other organizations should exercise special care to ensure appropriate safety in their workplaces. “The Battle Creek Veterans Administration Medical Center failed to properly ensure the facility was in compliance with established safety and health procedures,” said Robert Bonack, director of OSHA’s Lansing Area Office. “All employers, including federal employers, are responsible for knowing what hazards exist in their facilities and taking appropriate precautions by following OSHA standards so workers are not exposed to such hazards.”

For Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

If you need help in conducting a risk assessment of or responding to an IRS, DOL, Justice Department, or other federal or state agencies or other private plaintiff or other legal challenges to your organization’s existing workforce classification or other labor and employment, compliance, employee benefit or compensation practices, please contact the author of this update, attorney Cynthia Marcotte Stamer here or at (469) 767-8872 .

Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, management attorney and consultant Ms. Stamer is nationally and internationally recognized for more than 23 years of work helping employers; employee benefit plans and their sponsors, administrators, fiduciaries; employee leasing, recruiting, staffing and other professional employment organizations; and others design, administer and defend innovative workforce, compensation, employee benefit and management policies and practices. The Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Committee, a Council Representative on the ABA Joint Committee on Employee Benefits, Government Affairs Committee Legislative Chair for the Dallas Human Resources Management Association, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Ms. Stamer often has worked, extensively on these and other workforce and performance related matters. She also is recognized for her publications, industry leadership, workshops and presentations on these and other human resources concerns and regularly speaks and conducts training on these matters. Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, and many other national and local publications. For more information about Ms. Stamer and her experience or to get access to other publications by Ms. Stamer see here or contact Ms. Stamer directly at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Comments Off on OSHA Citation Of Michigan VA Reminder To Manage Workplace Safety | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, Health, Hospital, IT, Labor Department, Medical Center, Minimum Wage, OSHA, Safety, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

HHS Releases Final Rule on Health Insurance Market, Rate Review, Pre-Existing Conditions & Other ACA Market Reform Rules

February 25, 2013

The U.S. Department of Health and Human Services (HHS) on February 22, 2013 released its Final Rule implementing many of the key market reform provisions of the Patient Protection and Affordable Care Act, as amended by the Health Care and Education Reconciliation Act of 2010 (the “Affordable Care Act”) applicable to non-grandfathered health plans and health insurance issuers.

The 145 page regulations and associated guidance package scheduled for official publication in the Federal Register on February 27, 2013 clarifies and implements the Affordable Care Act’s provisions relating to Guaranteed Availability and Renewability; Health Insurance Premiums; Single Risk Pool; Catastrophic Plans, Utilization Data Collection and Reporting under the Federal Rate Review Program and certain other matters.

Among other thing, the Final Regulations:

Clarify the approach HHS will use to enforce the applicable requirements of the Affordable Care Act with respect to health insurance issuers and group health plans that are nonfederal governmental plans
Amend the standards for health insurance issuers and states on reporting, utilization, and collection of data under the federal rate review program
Revise the timeline for states to propose state-specific thresholds for review and approval by the Centers for Medicare & Medicaid Services (CMS)
Allow health insurance issuers to vary the premium rate for health insurance coverage in the individual and small group markets only based on family size, geography, and age and tobacco use within limits
Direct health insurance issuers to offer coverage to and accept every employer or individual who applies for coverage in the group and individual market, subject to certain exceptions including how these requirements inter-relate with the Affordable Care Act’s restrictions on pre-existing condition limitations and exclusions
Direct health insurance issuers to renew or continue in force coverage in the group and individual market, subject to certain exceptions
Codify the requirement that issuers maintain a single risk pool for the individual market and a single risk pool for the small group market (unless a state decides to merge the markets into a single risk pool)
Outline standards for enrollment in catastrophic plans for young adults and people who cannot otherwise afford health insurance
Amend the standards under the rate review program in 45 CFR part 154 by among other things, changing the timeline for states to propose state-specific thresholds for review and approval by CMS, requiring health insurance issuers to submit data relating to proposed rate increases in a standardized format specified by the Secretary of HHS and modifying criteria and factors for states to have an effective rate review program

Along with responding to these regulations, health insurers, group health plans and their insurers and others need to stay tuned. These regulations are just one of a deluge of regulations and other interpretations that HHS and other agencies are rolling out in the rush to meet the impending deadlines for the implementaton of the Affordable Care Act. For instance, along with this guidance, HHS along with the Internal Revenue Service and Employee Benefit Security Administration also last week issued FAQ XII, which discusses the co-pay, deductible and certain other aspects of the cost sharing limits of the Affordable Care Act. In previous weeks, the agencies also have issued or proposed regulations about waiting period, employer shared responsibility, essential health benefits, and various other elements of the rules. Additional guidance is impending.

For Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

About Solutions Law Press, Inc.™

Comments Off on HHS Releases Final Rule on Health Insurance Market, Rate Review, Pre-Existing Conditions & Other ACA Market Reform Rules | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

FTC, HIPAA Rules Require Health Plans & Employers Strengthen Data Security on Mobile Devices and Applications

February 23, 2013

Thinking about or using mobile devices and applications in your heath care, health plan, workforce or related operations or struggling to meet the demands of employees, plan members or others to allow use of these tools? Be sure that you’ve taken appropriate steps to design, implement and manage legal responsibilities and risks associated with the development and use of these tools.

While the popularity, accessibility and cost-effectiveness of mobile devices and applications provides a strong incentive for health and other employee benefit plans, employers, their business associates, workforce members and customers to use mobile devices and applications, the use of these technologies and applications to collect, access, or use personal health care, financial, or other sensitive information presents special challenges and risks. Unfortunately, as the use of these tools proliferates, federal officials are increasingly concerned that the data security protections afforded by many of the devices and applications in use on these highly popular smart phone, tablet and other mobile devices and applications is highly lacking. See FTC Settlement With Mobile Device & App Developer Shows Developers & Businesses Need To Manage Mobile App & Data Security.

As federal regulators and law enforcement responds to growing concerns about cyber security and other risks, heath care, health plan and other businesses, their employees, customers, and other business partners jumping on the mobile device and application bandwagon, health, application bandwagon, and the device and application developers developing and offering these tools must take appropriate steps to manage the personal health, financial, and other sensitive information and data that these tools use, create, access or disclose.

Of course, most health plan sponsors, fiduciaries, administrators and service providers already recognize the need to use care when dealing with health plan data. The Health Insurance Portability & Accountability Act (HIPAA) generally requires that health care providers, health plans, health care clearinghouses and their businesses associates safeguard personal health care information or “PHI” and restrict its use, access and disclosure in accordance with the extensive and highly detailed requirements of the Privacy, Security and Breach Notification Regulations of the Department of Health & Human Services Office of Civil Rights (OCR).

OCR’s collection of several multi-million dollar settlements as well as its statements in its recent restated HIPAA regulations and other OCR guidance make clear that OCR views HIPAA as imposing significant responsibilities upon covered entities and their business associates to safeguard and restrict access to PHI on mobile devices and applications. OCR’s Long-Anticipated Omnibus HIPAA Privacy, Security, Breach Notification & Enforcement Rule Tightens Privacy Requirements, Require Action; Breaches resulting from the loss or theft of unencrypted ePHI on mobile or other computer devices or systems has been a common basis of investigation and sanctions since that time, particularly since the Breach Notification rules took effect. OCR Pops Idaho Hospice In 1st HIPAA Breach Settlement Affecting < 500 Patients; Providence To Pay $100000 & Implement Other Safeguards; OCR Hits Alaska Medicaid For $1.7M+ For HIPAA Security Breach; OCR Audit Program Kickoff Further Heats HIPAA Privacy Risks; $1.5 Million HIPAA Settlement Reached To Resolve 1st OCR Enforcement Action Prompted By HITECH Act Breach Report; HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website. These actions and statements of OCR provide a clear warning to HIPAA-covered entities and their business associates to expect significant consequences for failing to properly encrypt and safeguard ePHI used, accessed or disclosed on mobile devices and applications.

Of course, HIPAA isn’t the only law and health plans should not be the only area of concern when employers or their health or other employee benefit plan fiduciaries and service providers are considering mobile device and application use. In addition to HIPAA’s health plan requirements concerning PHI, mobile devices and applications used in connection with employment, benefit plan, and related operations also can trigger a host of privacy, data security and other rules requiring data security and other safeguards. Federal laws like the Internal Revenue Code, the Fair Credit Reporting Act, Graham-Leech-Biliey, the Fair & Accurate Credit Transactions Act (FACTA) or other Federal Trade Commission (FTC) Rules, state data security, data breach, identity theft or other privacy rules or both are just a few of the many and constantly expanding regulatory requirements that can apply. Depending on the nature of the data and the circumstances of the unanticipated use or disclosure, invasion of privacy or other common or statutory laws also may come into play.

With the use of these applications by consumers and business proliferates, Congress, OCR, the FTC, state regulators and others are upping the responsibilities and the liability of businesses that fail to appropriately consider and implement security in their mobile devices and applications. Following on OCR’s restatement of its HIPAA regulations, the Obama Administration’s announcement of new cyber security initiatives, and a plethora of other federal and state regulatory and enforcement actions against businesses for data security missteps, the FTC recently launched a campaign to ensure that companies secure the software and devices mobile device and application providers provide consumers.

Earlier this month, the FTC introduced Mobile App Developers: Start with Security, a new business guide that encourages app developers to aim for reasonable data security.

On June 4, 2013, the FTC also plans to host a public forum on malware and other mobile security threats in order to examine the security of existing and developing mobile technologies and the roles that various members of the mobile ecosystem can play in protecting consumers.

Along side this educational outreach, the FTC also is moving to punish businesses that fail to act responsibly to protect sensitive data. This trend is illustrated by the FTC’s announcement this week of its first settlement with a mobile device manufacturer.

FTC Charges Against HTC America

This week, the FTC announced that mobile device giant HTC American, Inc. will to settle FTC charges that the company failed to take reasonable steps to secure the software it developed for its smart phones and tablet computers and introduced security flaws that placed sensitive information about millions of consumers at risk.

A leading mobile device manufacturer in the United States, HTC America develops and manufactures mobile devices based on the Android, Windows Mobile, and Windows Phone operating systems. HTC America has customized the software on these devices in order to differentiate itself from competitors and to comply with the requirements of mobile network operators.

In its first-ever complaint against a mobile device or application developer, the FTC charged HTC America failed to incorporate and administer appropriate safeguards for personal financial and other sensitive data accessed and used in these applications when designing or customizing the software on its mobile devices. Among other things, the complaint alleged that HTC America failed to provide its engineering staff with adequate security training, failed to review or test the software on its mobile devices for potential security vulnerabilities, failed to follow well-known and commonly accepted secure coding practices, and failed to establish a process for receiving and addressing vulnerability reports from third parties.

To illustrate the consequences of these alleged failures, the FTC’s complaint details several vulnerabilities found on HTC America’s devices, including the insecure implementation of two logging applications – Carrier IQ and HTC Loggers – as well as programming flaws that would allow third-party applications to bypass Android’s permission-based security model.

Due to these vulnerabilities, the FTC charged, millions of HTC devices compromised sensitive device functionality, potentially permitting malicious applications to send text messages, record audio, and even install additional malware onto a consumer’s device, all without the user’s knowledge or consent. The FTC alleged that malware placed on consumers’ devices without their permission could be used to record and transmit information entered into or stored on the device, including, for example, financial account numbers and related access codes or medical information such as text messages received from healthcare providers and calendar entries about doctor’s appointments. In addition, malicious applications could exploit the vulnerabilities on HTC devices to gain unauthorized access to a variety of other sensitive information, such as the user’s geolocation information and the contents of the user’s text messages.

Moreover, the FTC complaint alleged that the user manuals for HTC Android-based devices contained deceptive representations, and that the user interface for the company’s Tell HTC application was also deceptive. In both cases, the security vulnerabilities in HTC Android-based devices undermined consent mechanisms that would have otherwise prevented unauthorized access or transmission of sensitive information.

HTC America Settlement

The settlement not only requires the establishment of a comprehensive security program, but also prohibits HTC America from making any false or misleading statements about the security and privacy of consumers’ data on HTC devices. Under the settlement agreement, HTC American must:

Fix vulnerabilities found in millions of HTC devices;
Establish a comprehensive security program designed to address security risks during the development of HTC devices; and
Undergo independent security assessments every other year for the next 20 years.

HTC America and its network operator partners are also in the process of deploying the security patches required by the settlement to consumers’ devices. Many consumers have already received the required security updates. The FTC is encouraging consumers using HTC America applications to apply the updates as soon as possible.

The FTC Commission vote to accept the consent agreement package containing the proposed consent order for public comment was 3-0-2, with Chairman Jon Leibowitz not participating and Commissioner Maureen Ohlhausen recused. The FTC will publish a description of the consent agreement package in the Federal Register shortly.

In accordance with FTC procedures, the settlement agreement will be subject to public comment through March 22, after which the Commission will decide whether to make the proposed consent order final. Interested parties can submit comments electronically or in paper form using instructions in the “Invitation To Comment” part of the “Supplementary Information” section. Comments in paper form should be mailed or delivered to: Federal Trade Commission, Office of the Secretary, Room H-113 (Annex D), 600 Pennsylvania Avenue, N.W., Washington, DC 20580. The FTC is requesting that any comment filed in paper form near the end of the public comment period be sent by courier or overnight service, if possible, because U.S. postal mail in the Washington area and at the Commission is subject to delay due to heightened security precautions.

Act To Manage Mobile Application Device & Security

Given the expanding awareness, expectations and enforcement of OCR, FTC and others, health care, health plan and other industry participants deciding whether and when to use, or allow others to use mobile devices or applications to access data or carry out other activities and the mobile device or other technology developers and providers offering products or services to these organizations must get serious about security.

These and other related activities send a clear message that health care, health insurance mobile device and application users and developers must incorporate and administer appropriate processes and safeguards to protect PHI, personal financial and other sensitive data. In response to these developments, industry mobile device and application developers and the health care, health insurance and other businesses must consider carefully before deploying or allowing others to deploy or use these tools in relation to data within their operations or systems. Before and when using or permitting customers, business partners, employees or others to use tools, these organizations must ensure the adequacy of the design and security safeguards for their devices, software and applications, as well as their disclaimers and associated consumer disclosures and consents. Because of the special legal and operational expectations for these organizations, health care, health insurance and other industry provides must resist pressure to allow the use of these tools unless and until they can verify that these legal and operational requisites are fulfilled.

For Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

Nationally recognized for her extensive work, publications and leadership on HIPAA and other privacy and data security concerns, Ms. Stamer has extensive experience representing, advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical and other privacy and data security, employment, employee benefits, and to handle other compliance and risk management policies and practices; to investigate and respond to OCR and other enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.

A Fellow in the American College of Employee Benefit Counsel, State Bar of Texas and American Bar Association, Vice President of the North Texas Health Care Compliance Professionals Association, the Former Chair of the ABA RPTE Employee Benefit & Compensation Group and current Co-Chair of its Welfare Benefit Committee, Vice Chair of the ABA TIPS Employee Benefit Committee, an ABA Joint Committee on Employee Benefits Council Representative, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer serves as the scribe for the ABA Joint Committee on Employee Benefits agency meeting with OCR. Ms. Stamer also regularly works with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her publications and insights on HIPAA and other data privacy and security concerns appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. For instance, Ms. Stamer for the third year will serve in 2013 as the appointed scribe for the ABA Joint Committee on Employee Benefits Agency meeting with OCR. Her insights on HIPAA risk management and compliance often appear in medical privacy related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, SHRM, HIMMS, the American Bar Association, the Health Care Compliance Association, a multitude of health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here.

In addition to this extensive HIPAA specific experience, Ms. Stamer also is recognized for her experience and skill aiding clients with a diverse range of other employment, employee benefits, health and safety, public policy, and other compliance and risk management concerns.

About Solutions Law Press, Inc.™

Comments Off on FTC, HIPAA Rules Require Health Plans & Employers Strengthen Data Security on Mobile Devices and Applications | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

3/13 JCEB Teleconference Explores Foreign Transferees: Outbound, Inbound, Equity And Treaty Issues

February 19, 2013

Cynthia Marcotte Stamer will share her insights on health and welfare benefit challenges for multinational employers as one of the featured panelists on the “Foreign Transferees: Outbound, Inbound, Equity And Treaty Issues” Teleconference hosted by the American Bar Association Joint Committee on Employee Benefits on March 13, 2013 from 10:00-11:30 a.m. Central Time.

Intended to help broad-based U.S. and European community benefits attorneys and others seeking to understand common and unique issues associated with employee transferees, granting of equity compensation and associated treaty issues, including:
Basic issues associated with transfers including granting of past service credits, vesting and distribution issues
Case studies involving employee transfers between the U.S. and the UK.
Use of international deferred compensation programs.
Unique health and welfare issues associated with international transfers.
Interesting/Global equity issues to avoid.

Moderated by Elizabeth Drigotas, PriceWaterhouseCoopers, Washington, DC, the program will feature a diverse and highly experienced group of distinguished government and private speakers including:

M. Grace Fleeman, Senior Technical Reviewer, Branch 1, (Associate Chief Counsel International)), Internal Revenue Service, U.S. Department of the Treasury, Washington, DC (invited)
Andrew C. Liazos, McDermott Will & Emery, Boston, MA
Matthew Preston, Clifford Chance, London, UK
Cynthia Marcotte Stamer, Cynthia Marcotte Stamer, PC, Addison, TX.

To register or for additional information, see here.

About Ms. Stamer

Sought out nationally and internationally as an industry thought leader and problem solver, attorney, Cynthia Marcotte Stamer has more than 25 years experience helping domestic and foreign private and public businesses, employer and union plan sponsors, health and other employee benefit plans, associations, their fiduciaries, administrators, and vendors, group health, Medicare and Medicaid Advantage, and other insurers, governmental and community leaders and others develop, implement, administer and defend creative, legally compliant and operationally effective health and other employee benefit, employment, insurance, pension and retirement, health care, workers’ compensation and workforce plans, practices, and policies.

Recognized in International Who’s Who, the founder and Executive Director of Project COPE: The Coalition on Patient Empowerment and its affiliate, the Coalition on Responsible Health Policy; a Fellow in the American College of Employee Benefits Counsel, American Bar Association, and State Bar of Texas; Past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Immediate Past Chair of the ABA RPTE Employee Benefit & Other Compensation Committee, current ABA RPTE Employee Benefit & Other Compensation Committee Welfare Benefits Committee Co-Chair and Substantive Groups Committee Member, and a Council Member of the ABA Joint Committee on Employee Benefits, Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, and Immediate Past Gulf States Area TEGE Council Exempt Organization Chair, Ms. Stamer helps these and other clients. to design, document, administer and defend managed care and insurance programs, processes, and products; to monitor and manage evolving regulatory, contractual and fiduciary obligations and risks; to draft, negotiate, interpret and enforce managed care and other contracts, plan documents, insurance policies, administrative services agreements, and other agreements, policies, procedures and controls; to credential, monitor and manage fiduciaries, service providers, consultants and others providing services relating to programs; to conduct and defend litigation, audits, and other enforcement actions; to deal with legislators, regulators, auditors and others; and to fulfill legal obligations, mitigate legal risks and improve operational effectiveness.

As a core focus of her practice, Ms. Stamer continuously counsels, represents and defends self-insured and insured managed care and health, disability and welfare, pension, deferred compensation and other employee benefit plans; employer, association, insurer, and other employee benefit and insurance program sponsors; plan fiduciaries, administrators, brokers, consultants and other service providers; Medicare and Medicaid Advantage and other group, individual, stop-loss and other reinsurance, fiduciary liability and other insurers; health and insurance technology and other outsourcing companies; human resources, insurance and employee benefit consulting organizations; and other insurance, employee benefit and human resources industry clients, domestic and foreign governments and others about a diverse range of employee benefit, insurance, employment, tax, regulatory, risk management, public policy and related matters.

Ms. Stamer’s health benefit experience includes extensive and highly-innovative dealings with insured and self-insured managed care, defined contribution, indemnity and other health benefit, disability, life, occupational injury, Medicare and Medicaid Advantage, and other welfare benefit and insurance plans and policies; and a wide range of other employee benefits, compensation, insurance, equity and other related arrangements. Her work includes leading edge development and use of 24-hour coverage and other occupational injury, ex-pat and other medical tourism products, HRA, HSA, HRA and other defined contribution, hi-deductible, deductible reimbursement, min-med and other limited benefit plans, 24-hour and occupational benefit, fraternal benefit and association, and other medical programs as well as a broad range of claims, appeals, audit, and other administrative processes and tools designed to promote defensibility and mitigate risks.

Along side this domestic work, Ms. Stamer also has extensive international experience. A primary drafter of the Bolivian Social Security privatization law with extensive domestic and international regulatory and public policy experience, Ms. Stamer also has worked extensively domestically and internationally on design, administration, operations, compliance, public policy and regulatory, and other challenges arising in the administration of multinational workforces and populations. Throughout her career, Ms. Stamer has advised both U.S. based businesses and foreign owned or operated businesses about design and administration of employment, employee benefit, worker’s compensation, employment tax, occupational safety, discipline and promotion, collective bargaining, recruiting, compliance, risk management and other personnel practices for multinational workforces. She has worked extensively on the design and administration of pension, severance, health and other benefit and compensation programs for their multinational workforce. She assists businesses with cross-border and domestic employment, consulting, independent contractor, subcontractor, employee leasing and other staffing and vendor agreements; multinational Foreign Corrupt Practices Act, Federal Sentencing Guidelines, and other compliance programs and practices; design, drafting, interpretation, implementation, and coordination pension, health care, severance, education, insurance, employment, tax, unemployment, disability, and other programs and requirements; represents and advises businesses, associations and government agencies before U.S. and foreign governments in connection with tax, employment, and other compliance matters, trade relationships and missions, public policy advocacy.

A widely published author and highly sought out speaker whose HR & Benefits Update has been recognized as among the “Top 50” HR Blogs To Watch, Ms. Stamer also regularly authors materials and conducts workshops and professional, management and other training on employee benefits, human resources, health care and other compliance and management topics for the ABA, Aspen Publishers, the Bureau of National Affairs (BNA), SHRM, World At Work, Insurance Thought Leadership, Government Institutes, Inc., Solutions Law Press, Inc., the Society of Professional Benefits Administrators, HealthLeaders, Managed Care Executive, CEO Magazine, Business Insurance and many other industry, professional and business publications. An Editorial Advisory Board Member of the Institute of Human Resources (IHR/HR.com), Employee Benefit News, and other publications, Ms. Stamer also regularly serves on the faculty and planning committees of a multitude of symposium and other educational programs. For more details about Ms. Stamer’s services, experience, presentations, publications, and other credentials or to inquire about arranging counseling, training or presentations or other services by Ms. Stamer, see www.CynthiaStamer.com. Ms. Stamer also is widely recognized for her regulatory and public policy advocacy, publications, and public speaking on privacy and other compliance, risk management concerns. For the past two years, Ms. Stamer has serve as the appointed scribe for the ABA Joint Committee on Employee Benefits annual agency meeting with OCR and has lead numerous programs for the ABA and others on this topic. Her insights on HIPAA risk management and compliance frequently appear in medical privacy related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others.

About Solutions Law Press, Inc.™

Comments Off on 3/13 JCEB Teleconference Explores Foreign Transferees: Outbound, Inbound, Equity And Treaty Issues | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

SLP Readers Get $400 Discount To Learn Key Health Care Reform Coping Strategies At 2/21-22 Employer Health & Human Capital Strategy Congress In Lake Mary, FL

February 5, 2013

Solutions Law Press, Inc. (SLP) readers qualify for up to a $400 discount on their registration to learn key insights from on strategies for charting the path forward to drive employee wellness, strengthen the workforce and impact global business competitiveness in the face of the impending health care reforms of the Patient Protection & Affordable Care Act from SLP Editor/Author Cynthia Marcotte Stamer and other leading employer health care decision makers at the 8^th Annual Employer Health & Human Capital Strategy Congress that the World Health Congress is hosting on February 21-22, 2013 at The Westin Lake Mary, Orlando North Conference Center in Lake Mary, Florida.

About the Program

Nationally recognized industry thought leader and attorney SLP Editor attorney Cynthia Marcotte Stamer will help kick off the program when she joins a panel of prominent HR leaders discussing “Assessing Alternatives and Opportunities: Defined Contribution and Exchanges-What are the Long-Term Implications on Your Human Capital Strategy” beginning at 9:30 a.m. on February 21, 2013.

Following this keynote panel, attendees also will learn other key ideas and strategies to help their organizations cope with Health Care Reform as they participate in a host of other insightful and timely presentations by dynamic team of prominent HR and other industry experts and network with other management and human resources leaders .including:

John Rother, National Coalition on Health care
Shawn Leavitt, Carlson Companies
Rebecca Mariet Lynn-Crockford, Suntrust Banks, Inc
Jo-Ann Gastin, Lockton Companies, LLC
Paul Grundy, M.D., Patient-Centered Primary Care Collaborative
Roger C. Merring, M.D., Perdue Farm Inc.
Sam Nussbaum, Wellpoint, Inc.
Benjamin H. Hoffman, M.D., GE Energy
Bruce Sherman, MD, Employers Health Coalition

For a full agenda and other details on the program, see here.

SLP Reader Registration Discount

SLP is delighted to announce that the World Health Congress is offering SLP readers the opportunity to claim a $400 discount off the otherwise applicable registration fee when registering for the program. To register and claim this discount, enter registration code “GHH925” at the designated location when registering for the program here.

About Ms. Stamer

Sought out nationally and internationally as an industry thought leader and problem solver, SLP Editor and author attorney, Cynthia Marcotte Stamer has spent more than 25 years helping private and public employers, employer and union plan sponsors, health and other employee benefit plans, associations, their fiduciaries, administrators, and vendors, group health, Medicare and Medicaid Advantage, and other insurers, governmental and community leaders and others develop, implement, administer and defend creative, legally compliant and operationally effective health and other employee benefit, employment, insurance, health care and workforce plans, policies, practices, operations and policies.

A primary drafter of the Bolivian Social Security privatization law with extensive domestic and international regulatory and public policy experience, Ms. Stamer also has worked extensively domestically and internationally on public policy and regulatory advocacy on health and other employee benefits, human resources, insurance, tax, compliance and other matters and representing clients in dealings with the US Congress, Departments of Labor, Treasury, Health & Human Services, Federal Trade Commission, HUD and Justice, as well as a state legislatures attorneys general, insurance, labor, worker’s compensation, and other agencies and regulators. Her Patient Empowerment Toolkit™, Play4Life Community Program™, and other patient empowerment, health care quality, and other industry thought leadership, advocacy and solutions have drawn the attention of business, government and community leaders for their insightfulness and practicality.

A widely published author and highly sought out speaker whose HR & Benefits Update has been recognized as among the “Top 50” HR Blogs To Watch, Ms. Stamer also regularly authors materials and conducts workshops and professional, management and other training on employee benefits, human resources, health care and other compliance and management topics for the ABA, Aspen Publishers, the Bureau of National Affairs (BNA), SHRM, World At Work, Insurance Thought Leadership, Government Institutes, Inc., Solutions Law Press, Inc., the Society of Professional Benefits Administrators, HealthLeaders, Managed Care Executive, CEO Magazine, Business Insurance and many other industry, professional and business publications. An Editorial Advisory Board Member of the Institute of Human Resources (IHR/HR.com), Employee Benefit News, and other publications, Ms. Stamer also regularly serves on the faculty and planning committees of a multitude of symposium and other educational programs. For more details about Ms. Stamer’s services, experience, presentations, publications, and other credentials or to inquire about arranging counseling, training or presentations or other services by Ms. Stamer, see www.CynthiaStamer.com or contact Ms. Stamer directly via email here or (469) 767-8872.

About Solutions Law Press, Inc.™

Comments Off on SLP Readers Get $400 Discount To Learn Key Health Care Reform Coping Strategies At 2/21-22 Employer Health & Human Capital Strategy Congress In Lake Mary, FL | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

Stamer Talks on “What the Wind Blew In: Coping with Health Care Reform: 2013 and Beyond” May 2 At 24th Annual RPTE Spring Symposia In Washington, D.C.

January 28, 2013

Cynthia Marcotte Stamer will a featured panelists discussing “What the Wind Blew In: Coping with Health Care Reform: 2013 and Beyond” on Thursday, May 2, 2013 at 24th Annual RPTE Spring Symposia at the Capital Hilton in Washington, DC. The Symposia scheduled to take place on May 2–3, 2013 will cover a broad range of timely topics on real estate, trusts and estates and other related concerns. To register, review the full agenda or get additional information about the Symposium, see here.

About Ms. Stamer

A noted Texas-based employee benefits and employment lawyer with extensive involvement in the leadership of the ABA and other professional organizations involved in employee benefits, health care and workforce matters, is nationally and internationally known for her innovative leadership and work as an attorney, consultant, policy advocate, speaker and author helping businesses, governments, and communities on health and other insurance and employee benefits, patient education and empowerment, wellness and disease management, and other programs, policies, and processes. For more than 24 years, Ms. Stamer’s legal practice has focused on advising and representing employers, insurers, health care providers, community leaders and governments about health care and employee benefits policy and process improvement, quality, performance management, education, compliance, communications, risk management, reimbursement and finance, and other related matters. In addition to her legal practice, Stamer also extensively consults and provides leadership to a broad range of clients, professional and civic organizations, and others on strategies for improving the health care system and the ability of health care providers, payers, employers, community organizations, government agencies to promote the ability of patients and their families to access cost-effective, quality, affordable health care and other resource needs. She also has worked extensively with a broad range of business and government clients on health care, pension, social security, workforce, insurance and many other related policy matters.

In addition to her service with the ABA, Ms. Stamer also is active in the leadership of a broad range of other professional and civil organizations. For instance, Ms. Stamer presently serves as Executive Director of Project COPE, the Coalition on Patient Empowerment and the Coalition for Responsible Healthcare Policy; Vice President of the North Texas Healthcare Compliance Professionals Association; Immediate Past Chair of the American Bar Association RPTE Employee Benefits & Other Compensation Committee and its representative to the ABA Joint Committee on Employee Benefits and Vice Chair of its Welfare Benefits Committee; Past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and a current member of its Healthcare Coordinating Council; and as the Gulf Coast TEGE Council TE Committee Coordinator. She previously served as a founding Board Member and President of the Alliance for Healthcare Excellence, as a Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; the Board President of the early retirement intervention agency, The Richardson Development Center for Children; Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a member of the Board of Directors of the Southwest Benefits Association; on numerous seminar faculties and in many other professional and civic leadership and volunteer roles.

Author of the hundreds of publications and workshops these and other employment, employee benefits, health care, insurance, workforce and other management matters, Ms. Stamer’s insights on employee benefits, insurance, health care and workforce matters in Atlantic Information Services, The Bureau of National Affairs, HealthLeaders, Modern Healthcare, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other publications. Nationally known for her work on health care reform and related matters, Ms. Stamer also regularly conducts training and speaks on these and other management, compliance and public policy concerns. For additional information about Ms. Stamer, upcoming training, publications or other materials or events, see here or contact Ms. Stamer directly via email here or (469) 767-8872.

About Solutions Law Press, Inc.™

Comments Off on Stamer Talks on “What the Wind Blew In: Coping with Health Care Reform: 2013 and Beyond” May 2 At 24th Annual RPTE Spring Symposia In Washington, D.C. | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

IRS Will Begin Accepting Returns Claiming Education Credits By Mid-February

January 28, 2013

As preparations continue for the Jan. 30 opening of the 2013 filing season for most taxpayers, the Internal Revenue Service has announced that it beginprocessing of tax returns claiming education credits n by the middle of February.

Taxpayers using Form 8863, Education Credits, can begin filing their tax returns after the IRS updates its processing systems. Form 8863 is used to claim two higher education credits — the American Opportunity Tax Credit and the Lifetime Learning Credit.

The IRS emphasized that the delayed start will have no impact on taxpayers claiming other education-related tax benefits, such as the tuition and fees deduction and the student loan interest deduction. People otherwise able to file and claiming these benefits can start filing Jan. 30, 2013

As it does every year, the IRS reviews and tests its systems in advance of the opening of the tax season to protect taxpayers from processing errors and refund delays. The IRS discovered during testing that programming modifications are needed to accurately process Forms 8863. Filers who are otherwise able to file but use the Form 8863 will be able to file by mid-February. No action needs to be taken by the taxpayer or their tax professional. Typically through the mid-February period, about 3 million tax returns include Form 8863, less than a quarter of those filed during the year.

The IRS remains on track to open the tax season on January 30 for most taxpayers. The January 30 opening includes people claiming the student loan interest deduction on the Form 1040 series or the higher education tuition or fees on Form 8917, Tuition and Fees Deduction. Forms that will be able to be filed later are listed on IRS.gov.

For Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

About Solutions Law Press, Inc.™

Comments Off on IRS Will Begin Accepting Returns Claiming Education Credits By Mid-February | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

IRS Shares Procedures Employers Use To Claim Increased Monthly Transit Benefit Exclusion Allowed By Administrative Taxpayer Relief Act

January 28, 2013

The Administrative Taxpayer Relief Act retroactively increased monthly transit benefit limit that employers can provide to employees on a tax-free basis for 2012 from $125 per month to $240 per month. Notice 2013-8 provides a special correction procedure for employers who paid benefits in excess of $125 per month in 2012 and wish to make corrections on their fourth quarter Form 941.

Notice 2013-8 will be published in Internal Revenue Bulletin 2013-7 on February 11, 2013

For Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

About Solutions Law Press, Inc.™

Comments Off on IRS Shares Procedures Employers Use To Claim Increased Monthly Transit Benefit Exclusion Allowed By Administrative Taxpayer Relief Act | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Employer, Employment, transit benefit exclusion | Permalink
Posted by Cynthia Marcotte Stamer

Employers ACA Health Reforms Prohibit Using HRAs To Pay Individual Medical Policy Premiums & Impact Other HRA Arrangements

January 27, 2013

Since the enactment of the Patient Protection & Affordable Care Act (ACA), many employers searching for health plan solutions may have been asked to consider replacing or modifying their existing insured or self-insured group health plan with a “health reimbursement arrangement” (HRA) or other arrangement which would reimburse employees for premiums paid for individual health insurance policies. New guidance released on Thursday, January 24, 2013 indicates that such arrangements are prohibited as part of the ACA health care reforms.

“FAQS About Affordable Care Implementation (Part XI)” (FAQ) available here issued by the Departments of Labor, Health and Human Services (HHS), and the Treasury (collectively, the Agencies) on January 24, 2013 sends a clear message to employers that trying to escape ACA or other federal group health plan mandates by replacing their traditional insured or group health plans or policies with health reimbursement arrangements (HRAs) or other arrangements under which the employer agrees to provide a fixed defined contribution to be used to buy or reimburses employees for buying individual health insurance generally won’t pass legal muster. The FAQ also indicates that employers sponsoring HRAs that only reimburse medical expenses, not individual health insurance premiums also need to review their arrangements to verify that those programs also comply with ACA and other applicable rules.

Concerning the use of HRAs to pay for individual health insurance policy premiums, the FAQ states that PHS Act Section 2711 generally prohibits an employer-sponsored HRA cannot be integrated with individual market coverage or with an employer plan that provides coverage through individual policies. Under ACA, employers that improperly offer arrangements that violate PHS Section 2711 or other group health plans risk exposing themselves to liability for significant unanticipated health benefit claims, as well as other penalties and costs. Therefore, employers that have or are contemplating arrangements that provide or reimburse premiums for individual health insurance coverage are urged to contact qualified legal counsel with documented experience with ACA and other group health plan requirements for advice before establishing or continuing such arrangements.

The FAQ’s guidance about the use of individual insurance policies to arrange coverage for employees is one of several issues addressed in the FAQ and part of a wave of new guidance that has and is emerging as the Obama Administration moves to full implementation of the ACA reforms. Employers, plan fiduciaries, insurers, and others involved in the design or administration of health benefit programs need to monitor carefully this emerging guidance as they move quickly to tailor their programs in response to these evolving rules. For help monitoring or responding to these evolving rules, contact the author of this update, Cynthia Marcotte Stamer.

For Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

About Solutions Law Press, Inc.™

Comments Off on Employers ACA Health Reforms Prohibit Using HRAs To Pay Individual Medical Policy Premiums & Impact Other HRA Arrangements | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

Employer Deadline To Give ACA Notice of Exchange Coverage Options Delayed

January 25, 2013

The Department of Labor has extended the deadline for employers to notify employees about the existence of and their rights under the health exchanges required by new Section 18B of the Fair Labor Standards Act (FLSA), as added by Section 1512 of the Patient Protection & Affordable Care Act (ACA). The extension announced in Frequently Answered Question (FAQ) here provides a welcome temporary reprieve to employers who otherwise would have been required to notify employees by March 1, 2013.

As part of the impending implementation of ACA’s health care reform, FLSA § 18B generally requires each applicable employer provide each employee a written notice (Exchange Notice) in accordance with regulations promulgated by the Secretary of Labor:

Informing the employee of the existence of Exchanges including a description of the services provided by the Exchanges, and the way the employee may contact Exchanges to request assistance;
If the employer plan’s share of the total allowed costs of benefits provided under the plan is less than 60 percent of such costs, that the employee may be eligible for a premium tax credit under section 36B of the Internal Revenue Code (the Code) if the employee purchases a qualified health plan through an Exchange; and
If the employee purchases a qualified health plan through an Exchange, the employee may lose the employer contribution (if any) to any health benefits plan offered by the employer and that all or a portion of such contribution may be excludable from income for Federal income tax purposes. The Department of Labor expects that the timing for distribution of notices will be the late summer or fall of 2013, which will coordinate with the open enrollment period for Exchanges.

Before the Department’s announcement in the FAQ, the deadline for employers to begin giving employees Exchange Notices was the later of March 1, 2013 or at the time of hiring. The FAQ extends this deadline until a date to be set by the Department in future guidance, which the Department expects will require employers to distribute the notices in the late summer or fall of 2013 to coordinate with the open enrollment period for Exchanges.

According to the announcement of the delay, the Department delayed the impending March 1, 2013 deadline to give the (Exchange Notice) to better coordinate with related Health and Human Service and Internal Revenue Service efforts and to allow more time to comply and to distribute the Exchange Notices to employees at a meaningful time.

In addition to providing added time to provide the Exchange Notice, the Department also has announced that it is considering providing model, generic language that employers could use to provide the Exchange Notice. to satisfy the notice requirement. As a compliance alternative, the Department also is considering allowing employers to meet the Exchange Notice requirement by providing employees with information using the employer coverage template as discussed in the preamble to the Proposed Rule on Medicaid, Children’s Health Insurance Programs, and Exchanges: Essential Health Benefits in Alternative Benefit Plans, Eligibility Notices, Fair Hearing and Appeal Processes for Medicaid and Exchange Eligibility Appeals and Other Provisions Related to Eligibility and Enrollment for Exchanges, Medicaid and CHIP, and Medicaid Premiums and Cost Sharing (78 FR 4594, at 4641), which will be available for download at the Exchange web site as part of the streamlined application that will be used by the Exchange, Medicaid, and CHIP.

The Exchange Notice is just one of a multitude of notices and other mandates that ACA requires that employers or their health plans, insurers, or both to meet. Although the Exchange Notice gives employers a little more time to provide the Exchange Notices, employer and other health plan sponsors, fiduciaries, administrators and insurers are urged to continue to diligently move forward to update their plans, communications, processes and other arrangements to comply with existing and impending ACA mandates while keeping a watchful eye on for additional guidance that may require additional tailoring of these arrangements.

Stay tuned for updates about future guidance on complying with the notice requirement under FLSA section 18B and other developments.

For Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

About Solutions Law Press, Inc.™

Comments Off on Employer Deadline To Give ACA Notice of Exchange Coverage Options Delayed | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

Hear Stamer Speak On “Coping With Health Care Reform Now” At 2/14 Dallas ICEBS Meeting

January 23, 2013

Cynthia Marcotte Stamer will share key information and practical strategies for “Coping with Health Care Reform Now” at the Dallas Chaper ICEBS Valentines Day luncheon meeting on February 14, 2012. The meeting is scheduled from 11:30 a.m. to 1:30 p.m on February 14, 2012 at Haggar Clothing Company at 11511 Luna Road, Dallas, Texas . Interested persons may register or get other details at http://www.dfwiscebs.org.

With the initial debate about the Constitutionality of the Patient Protection & Affordable Care Act (ACA) decided and making a Congressional reprieve highly improbable, employer and other health plan sponsors, insurers, fiduciaries and administrators are scrambling to update plan documents, communications, processes and procedures to meet current ACA and other health plan rules, while bracing to cope with the sweeping health care reforms slated to take effect in 2014. These already daunting tasks are made more challenging by the continuing uncertainty of the constantly evolving regulations, evolving marketplace, increases in health plan costs and ever-shrinking corporate budgets.

To help health plan sponsors, fiduciaries, administrators and insurers deal with the tough business of implementation, attorney Cynthia Marcotte Stamer will discuss practical strategies, legal updates and other information needed for to cope with health care reform now and to prepare to meet future health plan regulations and challenges including:

The Latest On Key ACA & Other Health Care Reform Regulations Such As ACA’s Requirements On Fees Employers Sponsoring Self-Insured Health Plans & Insurers Must Pay To Fund The Patient-Centered Outcomes Research Institute, Contraceptive and Other Preventive Services, Nondiscrimination, Essential Health Benefits, Internal Claims and Appeals and External Review, Medical Loss Ratios, Large Employer Automatic Enrollment, Summary of Benefits & Coverage, Culturally & Linguistically Appropriateness, Value-Based Insurance Design, Wellness Programs, Exchanges, the Employer Pay-Or-Plan Mandates, Wellness Reporting, Wellness Programs, W-2 Reporting of Employer Provided Health Coverage, Employer Plan Minimum Value & The Premium Tax Credit And Other ACA & Other Federal Health Plan Mandates;
Key Changes To HIPAA Privacy Regulations & What Health Plans & Employers Should Expect To Be Required To Do To Comply With These Changes By the September, 2013 Deadline;
What’s Happened, Happening & Likely To Happen With Exchanges;
A 12-Step Practical Process For Helping Employers Managing ACA & Other Health Plan Compliance Responsibilities & Risks; and
Tips On What To Watch For And Options For Maintaining Flexibility To Respond To Evolving Rules; and
Answer Common Questions That Health Plan Sponsors and Administrators Are Struggling With Submitted By Audience Members

Registrants are encouraged to help shape the program to reflect their questions and concerns by e-mailing their proposed questions prior to the program to cstamer@solutionslawyer.net. The program’s educational* discussion will be tailored taking into account this input with significant time set aside to share practical information and possible approaches for addressing questions and concerns of shared concern identified from this audience input.

About Ms. Stamer

A Fellow in the American College of Employee Benefits Counsel, the American Bar Association & the State Bar of Texas, recognized in International Who’s Who, and Board Certified in Labor & Employment Law, Cynthia Marcotte Stamer is nationally and internationally recognized for her extensive and highly practical, solutions-oriented health plan work, advocacy, publications, programs and leadership.

For more than 25 years, Ms. Stamer has advised and represented private and public employers, employer and union plan sponsors, employee benefit plans, associations, their fiduciaries, administrators, and vendors, group health, Medicare and Medicaid Advantage, and other insurers, governments and others on health and other employee benefit, employment, insurance and health care compliance, risk management, public policy, administration and defense. Throughout her career, Ms. Stamer has worked extensively with employer and other health plan sponsors, insurers, plan administrators and other service providers, outsourcers and others to develop innovative health benefit programs and solutions and to document, administer and defend those arrangements in the mist of rising costs, evolving regulations and changing markets.

A primary drafter of the Bolivian Social Security privatization law with extensive regulatory and public policy experience, Ms. Stamer has been involved domestically and internationally as an advocate and advisor on health care, pension and Social Security, workforce and insurance reform and regulation. She presently serves as the scribe for the ABA JCEB Annual Agency Meeting with the Office of Civil Rights. She also represents clients in dealings with the US Congress, Departments of Labor, Treasury, Health & Human Services, Federal Trade Commission, HUD and Justice, as well as a state legislatures attorneys general, insurance, labor, worker’s compensation, and other agencies and regulators.

Past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits Group, Ms. Stamer presently serves as Co-Chair of the ABA RPTE Section Welfare Plan Committee; Vice Chair of the ABA TIPS Employee Benefit Committee; as a Council Representative of the ABA Joint Committee on Employee Benefits; an Editorial Advisory Board Member for the Institute of Human Resources (IHR/HR.com), Employee Benefit News and Insurance Thought Leadership; Editor and Publisher of various Solutions Law Press, Inc. publications, and previously served on the Editorial Advisor Board of the the BNA Employee Benefits CD-Rolm.

A popular and prolific author and speaker, Ms. Stamer’s Solutions Law Press, Inc. HR & Benefits Update publication was recognized as one of the Top 50 Human Resources Blogs To Watch in 2012. Ms. Stamer regularly authors materials and conducts workshops and professional, management and other training on employee benefits, human resources and related topics for the ABA, Aspen Publishers, the Bureau of National Affairs (BNA), SHRM, World At Work, Government Institutes, Inc., the Society of Professional Benefits Administrators and many other organizations. She also regularly serves on the faculty and planning committees of a multitude of symposium and other educational programs. For more details about Ms. Stamer’s services, experience, presentations, publications, and other credentials or to inquire about arranging counseling, training or presentations or other services by Ms. Stamer, see www.CynthiaStamer.com.

* Registrants are reminded that this discussion is provided for general information and educational purposes. Accordingly, registrants are reminded that the discussion does not constitute legal advice, a substitute for legal advice or establish an attorney-client or other professional relationship.

About Solutions Law Press, Inc.™

Comments Off on Hear Stamer Speak On “Coping With Health Care Reform Now” At 2/14 Dallas ICEBS Meeting | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

OCR Publishes Long-Anticipated Omnibus Restatement of HIPAA Privacy, Security, Breach Notification & Enforcement Rules

January 17, 2013

Health plans, their employer or other sponsors, insurers, fiduciaries, administrative service providers and other business associates have a lot of work to do.

Health plans, health care clearinghouses and their business associates will need to review and update their policies and practices for handling and disclosing personally identifiable health care information (“PHI”) in response to the omnibus restatement of the Department of Health & Human Services (“HHS”) Office of Civil Rights (“OCR”) of its of its regulations (the “2013 Regulations”) implementing the Privacy and Security Rules under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Rulemaking announced January 17, 2013 may be viewed here.

The 2013 Regulations Overview

Since 2003, HIPAA generally has required that health care providers, health plans, health care clearinghouses and their business associates (“Covered Entities”) restrict and safeguard individually identifiable health care information (“PHI”) of individuals and afford other protections to individuals that are the subject of that information. The 2013 Regulations published today complete the implementation of changes to HIPAA that Congress enacted when it passed the Health Information Technology for Economic and Clinical Health (HITECH) Act in 2009 as well as make other changes to the prior regulations that OCR found desirable based on its experience administering and enforcing the law over the past decade.

Since passage of the HITECH Act, OCR officials have warned Covered Entities to expect an omnibus restatement of its original regulations. While OCR had issued certain regulations implementing some of the HITECH Act changes, it waited to publish certain regulations necessary to implement other HITECH Act changes until it could complete a more comprehensive restatement of its previously published HIPAA regulations to reflect both the HITECH Act amendments and other refinements to its HIPAA Rules. The 2013 Regulations published today fulfill that promise by restating OCR’s HIPAA Regulations to reflect the HITECH Act Amendments and other changes and clarifications to OCR’s interpretation and enforcement of HIPAA.

Among other things, the 2013 Regulations:

Revise OCR’s HIPAA regulations to reflect the HITECH Act’s amendment of HIPAA to add the contractors and subcontractors of health plans, health care providers and health care clearinghouses that qualify as business associates to the parties directly responsible for complying with and subject to HIPAA’s civil and criminal penalties for violating HIPAA’s Privacy, Security, and Breach Notification rules;
Update previous interim regulations implementing HITECH Act breach notification rules that require Covered Entities including business associates to give specific notifications to individuals whose PHI is breached, HHS and in some cases, the media when a breach of unsecured information happens;
Update interim enforcement guidance OCR previously published to implement increased penalties and other changes to HIPAA’s civil and criminal sanctions enacted by the HITECH Act;
Implement HITECH Act amendments to HIPAA that tighten the conditions under which Covered Entities are allowed to use or disclose PHI for marketing and fundraising purposes and prohibit Covered Entities from selling an individual’s health information without getting the individual’s authorization in the manner required by the 2013 Regulations;
Update OCR’s rules about the individual rights that HIPAA requires that Covered Entities to afford to individuals who are the subject of PHI used or possessed by a Covered Entity to reflect tightened requirements enacted by the HITECH Act that allow individuals to order their health care provider not to share information about their treatment with health plans when the individual pays cash for the care and to clarify that individuals can require Covered Entities to provide electronic PHI in electronic form;
Revise the regulations to reflect amendments to HIPAA made as part of the Genetic Information Nondiscrimination Act of 2008 (GINA) which added genetic information to the definition of PHI protected under the HIPAA Privacy Rule and prohibits health plans from using or disclosing genetic information for underwriting purposes; and
Clarifies and revises other provisions to reflect other interpretations and information guidance that OCR has issued since HIPAA was passed and to make certain other changes that OCR found appropriate based on its experience administering and enforcing the rules.

Liability & Enforcement Risks Heighten Need To Act To Review & Update Policies & Practices

The restated rules in the 2013 Regulations make it imperative that Covered Entities review the revised rules carefully and updated their policies, practices, business associate agreements, training and documentation to comply with the updated requirements and other enforcement and liability risks. OCR even prior to the regulations has aggressively investigated and enforced the HIPAA requirements.

The commitment of OCR to enforcement most recently was demonstrated by its recent settlement with Hospice of North Idaho (HONI). On January 2, 2013, OCR announced HONI will pay OCR $50,000 to settle potential HIPAA violations that occurred in connection with the theft of an unencrypted laptop computer containing ePHI. The HONI settlement is the first settlement involving a breach of ePHI affecting fewer than 500 individuals.

While the HONI settlement marks the first settlement on a small breach, this is not the first time OCR has sought sanctions against a covered entity for data breaches involving the loss or theft of unencrypted data on a Laptop, storage device or other computer device. Rather, OCR continues to rollout a growing list of enforcement actions demonstrating the potential risks of HIPAA violations are significant and growing. OCR Hits Alaska Medicaid For $1.7M+ For HIPAA Security Breach; OCR Audit Program Kickoff Further Heats HIPAA Privacy Risks; $1.5 Million HIPAA Settlement Reached To Resolve 1st OCR Enforcement Action Prompted By HITECH Act Breach Report; HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website; Providence To Pay $100000 & Implement Other Safeguards.

Coupled with statements by OCR about its intolerance, the HONI and other settlements provide a strong warning to covered entities of the need to carefully and appropriately manage their HIPAA encryption and other Privacy and Security responsibilities. Covered entities are urged to heed these warning by strengthening their HIPAA compliance and adopting other suitable safeguards to minimize HIPAA exposures.

In response to the 2013 Regulations and these expanding exposures, all Covered Entities should review critically and carefully the adequacy of their current HIPAA Privacy and Security compliance policies, monitoring, training, breach notification and other practices taking into consideration OCR’s investigation and enforcement actions, emerging litigation and other enforcement data; their own and reports of other security and privacy breaches and near misses; and other developments to decide if additional steps are necessary or advisable. In response to these expanding exposures, all covered entities and their business associates should review critically and carefully the adequacy of their current HIPAA Privacy and Security compliance policies, monitoring, training, breach notification and other practices taking into consideration OCR’s investigation and enforcement actions, emerging litigation and other enforcement data; their own and reports of other security and privacy breaches and near misses, and other developments to decide if tightening their policies, practices, documentation or training is necessary or advisable.

For Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

If you need help with HIPAA and other health and health plan related regulatory policy or enforcement developments, or to review or respond to these or other human resources, employee benefit, or other compliance, risk management, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer may be able to help.

About Solutions Law Press, Inc.™

Comments Off on OCR Publishes Long-Anticipated Omnibus Restatement of HIPAA Privacy, Security, Breach Notification & Enforcement Rules | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

OCR Gives HIPAA Guidance On Safety Disclosures

January 17, 2013

Tbe Office of Civil Rights (OCR) has issued a letter to health care providers to ensure that they are aware of their ability under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule to take action, consistent with their ethical standards or other legal obligations, to disclose necessary information about a patient to law enforcement, family members of the patient, or other persons, when they believe the patient presents a serious danger to himself or other people. For more information, see: http://www.hhs.gov/ocr/office/lettertonationhcp.pdf. The Guidance is released on the same day that OCR released its long-awaited omnibus restatement of its HIPAA regulations.

HIPAAFor Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

A Fellow in the American College of Employee Benefit Counsel, State Bar of Texas and American Bar Association, Vice President of the North Texas Health Care Compliance Professionals Association, the Former Chair of the ABA RPTE Employee Benefit & Compensation Group and current Co-Chair of its Welfare Benefit Committee, Vice Chair of the ABA TIPS Employee Benefit Committee, an ABA Joint Committee on Employee Benefits Council Representative, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer serves as the scribe for the ABA Joint Committee on Employee Benefits agency meeting with OCR. Ms. Stamer also regularly works with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her publications and insights on HIPAA and other data privacy and security concerns appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. For instance, Ms. Stamer for the third year will serve in 2013 as the appointed scribe for the ABA Joint Committee on Employee Benefits Agency meeting with OCR. Her insights on HIPAA risk management and compliance frequently appear in medical privacy related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, SHRM, HIMMS, the American Bar Association, the Health Care Compliance Association, a multitude of health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here.

About Solutions Law Press, Inc.™

Comments Off on OCR Gives HIPAA Guidance On Safety Disclosures | Data Security, GINA, Health Plans, Insurance | Tagged: HIPAA | Permalink
Posted by Cynthia Marcotte Stamer

IRS Offers New Simplified Option For Businesses Claiming Home Office Deductions For Home-Based Business Owners & Workers

January 16, 2013

IRS Says Eligible Home-Based Businesses May Deduct up to $1,500; Saves Taxpayers 1.6 Million Hours A Year

The Internal Revenue Service (IRS) has announced a simplified option that many owners of home-based businesses and some home-based workers may use to figure their deductions for the business use of their homes.

In tax year 2010, the most recent year for which figures are available, nearly 3.4 million taxpayers claimed deductions for business use of a home (commonly referred to as the home office deduction).

The new optional deduction, capped at $1,500 per year based on $5 a square foot for up to 300 square feet, will reduce the paperwork and recordkeeping burden on small businesses by an estimated 1.6 million hours annually.

“This is a common-sense rule to provide taxpayers an easier way to calculate and claim the home office deduction,” said Acting IRS Commissioner Steven T. Miller. “The IRS continues to look for similar ways to combat complexity and encourages people to look at this option as they consider tax planning in 2013.”

The new option provides eligible taxpayers an easier path to claiming the home office deduction. Currently, the IRS generally requires a home-based business to fill out a 43-line form (Form 8829) often with complex calculations of allocated expenses, depreciation and carryovers of unused deductions. Taxpayers claiming the optional deduction will complete a significantly simplified form.

Though homeowners using the new option cannot depreciate the portion of their home used in a trade or business, they can claim allowable mortgage interest, real estate taxes and casualty losses on the home as itemized deductions on Schedule A. These deductions need not be allocated between personal and business use, as is required under the regular method.

Business expenses unrelated to the home, such as advertising, supplies and wages paid to employees are still fully deductible.

Current restrictions on the home office deduction, such as the requirement that a home office must be used regularly and exclusively for business and the limit tied to the income derived from the particular business, still apply under the new option.

The new simplified option is available starting with the 2013 return most taxpayers file early in 2014. Further details on the new option can be found in Revenue Procedure 2013-13, posted on IRS.gov. Revenue Procedure 2013-13 is effective for taxable years beginning on or after January 1, 2013, and the IRS welcomes public comment on this new option to improve it for tax year 2014 and later years. There are three ways to submit comments.

E-mail to: Notice.Comments@irscounsel.treas.gov. Include “Rev. Proc. 2013-13” in the subject line.
Mail to: Internal Revenue Service, CC:PA:LPD:PR (Rev. Proc. 2013-13), Room 5203, P.O. Box 7604, Ben Franklin Station, Washington, DC 20044.
Hand deliver to: CC:PA:LPD:PR (Rev. Proc. 2013-13), Courier’s Desk, Internal Revenue Service, 1111 Constitution Avenue NW, Washington, DC, between 8 a.m. and 4 p.m., Monday through Friday.

The deadline for comment is April 15, 2013.

For Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

If you need help with these or other health benefit or other human resources, employee benefit, insurance, compensation or other compliance, risk management, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer may be able to help.

Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, a member of the Editorial Advisory Board and expert panels of HR.com, Employee Benefit News, InsuranceThoughtLeadership.com, and Solutions Law Press, Inc., management attorney and consultant Ms. Stamer has 25 years of leading edge experience helping employers; health and other employee benefit plans and their sponsors, administrators, fiduciaries; TPAs, insurers, governments, employee leasing, recruiting, staffing and other professional employment organizations; and others design, administer and defend innovative workforce, compensation, employee benefit and management policies and practices. Her experience includes extensive work representing advising these and other clients, governmental bodies, insurance and financial services organizations, third party administrators and others to develop, design, defend and administer creative health, disability, severance and other employee benefit and compensation arrangements, products and services. She also helps these and other clients monitor, address and respond to federal, state, and international health care and insurance and other regulatory, legislative, audit and enforcement developments. Ms. Stamer has worked, extensively on these and other workforce and performance related matters. In addition to her continuous day-to-day involvement helping businesses to manage employment and employee benefit plan concerns, she also has extensive public policy and regulatory experience with these and other matters domestically and internationally. A former member of the Executive Committee of the Texas Association of Business and past Government Affairs Committee Legislative Chair for the Dallas Human Resources Management Association, Ms. Stamer served as a primary advisor to the Government of Bolivia on its pension privatization law, and has been intimately involved in federal, state, and international workforce, health care, pension and social security, tax, education, immigration, education and other legislative and regulatory reform in the US and abroad. She also is recognized for her publications, industry leadership, workshops and presentations on these and other human resources concerns and regularly speaks and conducts training on these matters. Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, and many other national and local publications. For more information about Ms. Stamer and her experience or to get access to other publications by Ms. Stamer see here or contact Ms. Stamer directly. Ms. Stamer regularly works with agencies, publishes and speaks extensively on human resources and employee benefits, medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her publications and insights on HIPAA and other data privacy and security concerns appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her HIPAA and other experience here.

If you need help with these or other compliance concerns, wish to ask about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides business and management information, tools and solutions, training and education, services and support to help organizations and their leaders promote effective management of legal and operational performance, regulatory compliance and risk management, data and information protection and risk management and other key management objectives. Solutions Law Press, Inc.™ also conducts and assists businesses and associations to design, present and conduct customized programs and training targeted to their specific audiences and needs. For additional information about upcoming programs, to explore becoming a presenting sponsor for an upcoming event, e-mail your request to info@Solutionslawpress.com These programs, publications and other resources are provided only for general informational and educational purposes. Neither the distribution or presentation of these programs and materials to any party nor any statement or information provided in or in connection with this communication, the program or associated materials are intended to or shall be construed as establishing an attorney-client relationship, to constitute legal advice or provide any assurance or expectation from Solutions Law Press, Inc., the presenter or any related parties. If you or someone else you know would like to receive future Alerts or other information about developments, publications or programs or other updates, send your request to info@solutionslawpress.com. CIRCULAR 230 NOTICE: The following disclaimer is included to comply with and in response to U.S. Treasury Department Circular 230 Regulations. ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

Comments Off on IRS Offers New Simplified Option For Businesses Claiming Home Office Deductions For Home-Based Business Owners & Workers | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

IRS Announces Cost of Living & American Taxpayer Relief Act Income Tax Adjustments

January 16, 2013

Revenue Procedure 2013-15 provides the 2013 cost-of-living adjustments for inflation for certain items. The guidance includes adjustments to the tax tables, including items whose values were specified in the American Taxpayer Relief Act of 2012 (ATRA), such as:

The beginning of the 39.6% income tax brackets;
The beginning income levels for the limitation on certain itemized deductions; and
The beginning income levels for the phaseout of the personal exemptions[

In addition Revenue Procedure 2013-5 modifies Revenue Procedure 2011-52 to reflect an amendment to section 132(f)(2) made by ATRA concerning qualified transportation fringe benefits. Specifically, for 2012, the monthly limitation regarding the aggregate fringe benefit exclusion amount for transit passes and transportation in a commuter highway vehicle is $240.

Revenue Procedure 2013-15 will be published in Internal Revenue Bulletin 2013-5 on January 28, 2013.

For Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

About Solutions Law Press, Inc.™

About Solutions Law Press, Inc.™

Comments Off on IRS Announces Cost of Living & American Taxpayer Relief Act Income Tax Adjustments | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

Tax-Related ID Theft Growing Problem For IRS, Taxpayers

January 14, 2013

Employers and others collecting, retaining or reporting employee or other tax identification numbers or other sensitive information for tax withholding or reporting purposes should take appropriate steps to protect that information against possible identity theft or other misuse.

The wealth of sensitive personal identification information and financial records makes tax records a highly attractive source of data for identity thieves. According to the Internal Revenue Service (IRS), tax-related identity theft incidents have risen significantly in recent years. Identity theft case receipts increased by more than 650 percent from FY 2008 to FY 2012. At the end of FY 2012, the IRS had almost 650,000 identity-theft cases in its inventory servicewide. The IRS reports the problem has grown worse as organized criminal actors have found ways to steal the Social Security numbers (SSNs) of taxpayers, file tax returns using those taxpayers’ names and SSNs, and obtain fraudulent tax refunds. Then, when the real taxpayer files a return claiming the refund, that return is rejected. The impact on victims is significant. More than 75 percent of taxpayers filing returns are due refunds, which average some $3,000 and are not paid until the IRS fully resolves a case.

When the IRS Commissioner testified in 2008 about identity theft before a Senate Finance Committee hearing. he stated: “My overall goal as the IRS Commissioner is that when a taxpayer [who is an identity theft victim] contacts us with an issue or concern, we have in place a seamless process that gets the issue resolved promptly.” Later that year, the IRS established an “Identity Protection Specialized Unit” (or “IPSU”), which was designed to provide centralized assistance to victims of identity theft. The National Taxpayer Advocate supported the commitment to centralized and prompt victim assistance.

Since that time, the IRS has created numerous task forces and other teams in recent years in an attempt to improve its identity theft processes, yet victims still face the same “labyrinth of procedures and drawn-out timeframes for resolution” that they faced five years ago. The IRS is instructing its employees to advise identity theft victims that it will take 180 days – half a year – to resolve their cases. Complicated cases inevitably will take longer. Thus, the IRS’s procedural changes are not providing faster relief.

The report also says the IRS has decided to reverse course and decentralize victim assistance. It recently created specialized units within each of 21 individual functions to work on identity theft cases, apparently under the belief that most identity theft cases involve a single issue that the relevant specialized unit can work most efficiently. The report expresses concern about this backtracking from a centralized approach.

The Taxpayer Advocate Service (TAS) itself handled nearly 55,000 identity theft cases in FY 2012, most of which involved multiple issues that required actions by multiple units. The report expresses concern that creation of 21 specialized units will erode the centralized role of the IPSU, require taxpayers to speak with multiple functions, increase the time it takes to resolve cases, and heighten the risk that some issues may not be addressed.

“Taxpayers need ‘one-stop shopping’ – a single point of contact they can work with to resolve all issues in their cases – and the IRS needs a ‘traffic cop’ to make sure that all units complete their actions and that parts of cases do not fall through the cracks,” Olson said. “And six months is an unacceptable period of time to expect taxpayer-victims to wait. The IRS must do more to provide the prompt and seamless assistance to identity theft victims that Commissioner Shulman promised.”

While the IRS continues to work on protecting taxpayer data against theft and investigating and resolving tax-related identity theft cases, businesses that collect, retain and report employee, contractor or other personal financial information for tax related or other purposes are urged to take steps to protect the data that they collect and retain against identity theft. Since identity theft may begin when a worker misrepresents his or her identity at the commencement of employment, many employers find it beneficial to take reasonable steps to verify the identity and veracity of the documentation that a worker presents when commencing employment. Once data is collected, businesses and others that have access to personal financial information or other data collected for tax purposes need to recognize their responsibility to safeguard that information against improper use and disclosure under the Internal Revenue Code as well as other applicable laws. If confronted with a “no-match” letter from the Social Security Administration or a complaint or other indication that a worker may have misrepresented his or her identity, or another indication of a breach of this data, businesses should contact experienced legal counsel to aid in the proper investigation of these concerns and the resolution of concerns resulting from this investigation. Where appropriate, the business may need to report its concerns to the IRS or advise a worker or other party reporting a likely identity theft of taxpayer information to the TAS or other appropriate officials.

Businesses needing assistance with investigation or mitigation of a potential theft of tax or other sensitive data, see www.cynthiastamer.com or contact attorney Cynthia Marcotte Stamer.

For Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

About Solutions Law Press, Inc.™

About Solutions Law Press, Inc.™

Comments Off on Tax-Related ID Theft Growing Problem For IRS, Taxpayers | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

Tax Saver’s Credit Helps Low & Moderate Income Workers Save For Retirement; Possible Tool To Help Boost Their Participation In Employer Plans

January 11, 2013

As part of its continuing effort to boost retirement savings among Americans, the Internal Revenue Service is reminding low- and moderate-income workers to take steps now to save for retirement and earn a special tax credit in 2012 and the years ahead. Employers sponsoring retirement plans where low participation by low- and moderate income workers adversely impacts the ability of the plan to meet applicable nondiscrimination tests may want to consider incorporating information about the availability of the saver’s credit into their plan related communications as an added tool for helping these workers recognize the potential benefits of contributing.

The saver’s credit helps qualifying low to moderate income workers offset part of the first $2,000 workers voluntarily contribute to IRAs and to 401(k) plans and similar workplace retirement programs. Also known as the retirement savings contributions credit, the saver’s credit is available in addition to any other tax savings that apply.

The saver’s credit can be claimed by:

Married couples filing jointly with incomes up to $57,500 in 2012 or $59,000 in 2013;
Heads of Household with incomes up to $43,125 in 2012 or $44,250 in 2013; and
Married individuals filing separately and singles with incomes up to $28,750 in 2012 or $29,500 in 2013.

Eligible workers still have until April 15, 2013 to make qualifying retirement contributions and get the saver’s credit on their 2012 tax return by setting up a new individual retirement arrangement or adding money to an existing IRA. However, elective deferrals (contributions) must be made by the end of the year to a 401(k) plan or similar workplace program, such as a 403(b) plan for employees of public schools and certain tax-exempt organizations, a governmental 457 plan for state or local government employees, and the Thrift Savings Plan for federal employees. Employees who are unable to set aside money for this year may want to schedule their 2013 contributions soon so their employer can begin withholding them in January.

Like other tax credits, the saver’s credit can increase a taxpayer’s refund or reduce the tax owed. Though the maximum saver’s credit is $1,000, $2,000 for married couples, the IRS cautioned that it is often much less and, due in part to the impact of other deductions and credits, may, in fact, be zero for some taxpayers.

A taxpayer’s credit amount is based on his or her filing status, adjusted gross income, tax liability and amount contributed to qualifying retirement programs. Form 8880 is used to claim the saver’s credit, and its instructions have details on figuring the credit correctly.

In tax-year 2010, the most recent year for which complete figures are available, saver’s credits totaling just over $1 billion were claimed on more than 6.1 million individual income tax returns. Saver’s credits claimed on these returns averaged $204 for joint filers, $165 for heads of household and $122 for single filers.

The saver’s credit supplements other tax benefits available to people who set money aside for retirement. For example, most workers may deduct their contributions to a traditional IRA. Though Roth IRA contributions are not deductible, qualifying withdrawals, usually after retirement, are tax-free. Normally, contributions to 401(k) and similar workplace plans are not taxed until withdrawn.

Other special rules that apply to the saver’s credit include the following:

Eligible taxpayers must be at least 18 years of age.
Anyone claimed as a dependent on someone else’s return cannot take the credit.
A student cannot take the credit. A person enrolled as a full-time student during any part of 5 calendar months during the year is considered a student.

Certain retirement plan distributions reduce the contribution amount used to figure the credit. For 2012, this rule applies to distributions received after 2009 and before the due date, including extensions, of the 2012 return. Form 8880 and its instructions have details on making this computation.

Begun in 2002 as a temporary provision, the saver’s credit was made a permanent part of the tax code in legislation enacted in 2006. To help preserve the value of the credit, income limits are now adjusted annually to keep pace with inflation. More information about the credit is on IRS.gov.

For Help or More Information

About Solutions Law Press, Inc.™

About Solutions Law Press, Inc.™

1 Comment | Corporate Compliance, Employers, GINA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Retirement Plans, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

Self-Insured Health Plan Sponsors, Health Insurers Brace To Pay New ACA-Imposed Fees

January 10, 2013

Employers and other self-insured group health plan sponsors and health insurers, adjust your budgets and prepare to open up your wallets to pay additional fees mandated by the Patient Protection and Affordable Care Act (“PPACA”).

Self-insured employers and health insurers generally must begin paying a new fee imposed as part of PPACA. PPACA generally requires that health insurance policy issuers and plan sponsors of self-insured health plans pay the new fee for policy and plan years ending on or after October 1, 2012, and before October 1, 2019 or policy and plan years ending on or after October 1, 2012, and before October 1, 2019. July 31, 2013 is the deadline for reporting and payment of the first fee payment required by these provisions.

The Internal Revenue Service (IRS) and Department of Treasury published final regulations (“Regulations”) implementing these new rules on December 6, 2012. These Regulations include many provisions that are likely to come as a surprise to many employer and other health plan sponsors. Health insurers, employers and other sponsors of self-insured health plans and others responsible for their funding and administration need to review these regulations and make other arrangements to budget for and timely report and pay this required fee.

New Fees Help Fund New Patient-Centered Outcomes Research Institute

PPACA amended the Internal Revenue Code (“Code”) to require the new fee to help fund the establishment and operation of the new Patient-Centered Outcomes Research Institute (the ‘‘Institute’’) to be created by PPACA. Congress intends that the Institute will be a private, nonprofit corporation charged with conducting research to help assist patients, clinicians, purchasers, and policy-makers in making informed health decisions by advancing the quality and relevance of evidence-based medicine through the synthesis and dissemination of comparative clinical effectiveness research findings.

PPACA added new Sections 4375, 4376, and 4377 to the Code to provide a funding source for the Trust Fund. These new Code Sections impose require issuers of specified health insurance policies and plan sponsors of applicable self-insured health plans to pay the new fee by July 31, 2012 for each plan year beginning after September 30, 2012 and before October 1, 2019 to fund the Patient-Centered Outcomes Research Trust Fund (the “Trust Fund”), which in turn will help pay the costs of the Institute.

Code Section 4377(c) provides that the fees imposed by sections 4375 and 4376 are treated as taxes for purposes of subtitle F of the Code (sections 6001 through 7874 that set forth the rules of federal tax procedure and administration).

Fee Amount Calculation & Payment

As amended by PPACA, the Code requires that employers sponsoring self-insured group health plans and most health insurers file a return and pay a fee equal to $1 multiplied by the average number of lives covered under the plan or policy by July 31, 2012. The amount of this fee will increase to $2 multiplied by the average number of lives for post-September 30, 2013 plan years. For post-September 30, 2014 plan years, the Code provides for further adjustments in the fee based on increases in the projected per capita amount of National Health Expenditures.

To meet this requirement, health insurers and plan sponsors must file a Form 720, Quarterly Federal Excise Tax Return along with the required payment once a year on or before July 31 of the calendar year following the last day of the policy year or plan year for which the fee is required to report and pay the fee.

Overview of ACA Rules Requiring Payment of Fee

The Code now separately assesses a fee on issuers of health insurance policies and on plan sponsors of self-insured health plans for each policy year ending on or after October 1, 2012 and before October 1, 2019. Code Section 4375 requires payment of a fee by “issuers” of “specified health insurance policies.” Code Section 4376 requires “sponsors” of self-insured health plans to pay a fee.

Each of these Code Sections basically uses the same formula to calculate the required fee owing by a health insurance issuer or a self-insured plan sponsor. The amount of the required fee due on July 31, 2013 for plan years beginning on or before October 1, 2013 will be one dollar multiplied by the average number of lives covered by the policy or plan. The fee due on July 31, 2014 for plan years beginning between October 2, 2013 and October 1, 2014 is set to increase to two dollars multiplied by the average number of lives covered under the policy. For policy or plan years ending on or after October 1, 2014, PPACA provides for additional increases in the required fee based on increases in the projected per capita amount of National Health Expenditures. See Treas. Reg. §§ 46.4375–1; Rejecting arguments that Congress only intended to require that either the insurer or the plan sponsor pay a fee annually, the Regulations construe these requirements as obligating both a self-insured health plans sponsor and an insurer to pay a separate fee annually, even if the fee is assessed upon the same lives.

The Preamble to the Regulations states that a self-insured plan sponsor must pay the fee with respect to arrangements where the plan design layers a self-insured portion of the plan with an insured portion, even though the insurer also must pay the fee with respect to the insured portion.

The fee calculation differs slightly for purposes of determining the fee a self-insured plan sponsor owes versus the fee owed by an insurer. Regardless, however, the Regulations state that for purposes of calculating these numbers, retirees and beneficiaries continuing coverage under the group medical coverage continuation rules generally count. The Preamble to the Regulations states that the IRS views retiree-only plans and COBRA coverage subject to the tax imposed under Code § 4375 and plan sponsors may be required to pay the tax under Code § 4376. Concerning retiree-only coverage, the Preamble states:

Although group health plans that have fewer than two participants who are current employees (such as retiree-only plans) are excluded from the requirements of Code chapter 100 (setting forth requirements applicable to group health plans such as portability, nondiscrimination, and market reform requirements), this exclusion does not apply to Code §§ 4375 and 4376 because these sections are in chapter 34; and
For self-insured arrangements, Code § 4376(c)(2)(A) states explicitly that an applicable self-insured health plan includes a plan established or maintained by one or more employers for the benefit of their employees or former employees.

Section 4376 Fee For Self-Insured Plan Sponsors

Applicability of Code Section 4376 Fee To Self-Insured Health Plans. The fee under Code Section 4376 applies to the plan sponsor of an applicable self-insured health plan.

Section 4376(c) defines an applicable self-insured health plan as any plan for providing accident or health coverage if any portion of the coverage is provided other than through an insurance policy, and the plan is established or maintained by either:

One or more employers for the benefit of their employees or former employees;
One or more employee organizations for the benefit of their members or former members;
Jointly by one or more employers and one or more employee organizations for the benefit of employees or former employees;
By a voluntary employees’ beneficiary association described in Code Section 501(c)(9); or
By any organization described in section 501(c)(6), or (6) if not previously described, by a multiple employer welfare arrangement (as defined in section 3(40) of the Employee Retirement Income Security Act (“ERISA”), a rural electric cooperative under ERISA Section 3(40)(B)(iv), or a rural telephone cooperative association under ERISA Section 3(40)(B)(v). See Code § 4376; Regulation §46.4376–1(a), (b)(1).

Code Section 4376(b)(1) requires that the plan sponsor of a self-insured health plan pay the required fee for self-insured health plans imposed by Section 4376(a). For this purpose, Code Section 4376(b)(2) defines a plan sponsor as:

The employer in the case of a plan established or maintained by a single employer;
The employee organization in the case of a plan established or maintained by an employee organization;
The association, committee, joint board of trustees, or other similar group of representatives of the parties who establish or maintain the plan in the case of: (1) a plan established or maintained by two or more employers or jointly by one or more employers and one or more employee organizations; (2) a multiple employer welfare arrangement; or (3) a voluntary employees’ beneficiary association described in Code Section 501(c)(9); or
The cooperative or association that establishes the plan in the case of a plan established or maintained by a rural electric cooperative or rural telephone cooperative association within the meaning of ERISA.

Regulation § 46.4376-2(b)(2) defines plan sponsor to mean the following:

The employer for a self-insured health plan established or maintained by a single employer;
The employee organization for a self-insured health plan established or maintained by an employee organization;
The joint board of trustees for a multiemployer plan within the meaning of Code §414(f));
The committee, in the case of a multiple employer welfare arrangement within the meaning of Section 3(40) of the Employee Retirement Income Security Act (“ERISA”);
The cooperative or association that establishes or maintains an applicable self-insured health plan established or maintained by a rural electric cooperative under ERISA § 3(40)(B)(iv) or rural cooperative association under ERISA 3(40)(B)(v);
The trustee, in the case of an applicable self-insured health plan established or maintained by a voluntary employees’ beneficiary association under Code § 501(c)(9) not merely serving as a funding vehicle for a plan that is established or maintained by an employer or other person;
In the case of an applicable self-insured health plan the plan sponsor of which is not previously described, the person identified by the terms of the document under which the plan is operated as the plan sponsor, or the person designated by the terms of the document under which the plan is operated as the plan sponsor for Code § 4376 purposes, provided that designation is made in writing, and that person has consented to the designation in writing, by no later than the date by which the return paying the fee under section 4376 for that plan year is required to be filed, after which date that designation for that plan year may not be changed or revoked, and provided further that a person may be designated as the plan sponsor only if the person is one of the persons establishing or maintaining the plan (for example, one of the employers that establishes or maintains the plan with one or more other employers or employee organizations); or
Where an applicable self-insured health plan sponsor is not previously and for which no identification or designation of a plan sponsor has been made under the prior paragraph the plan sponsor means, each employer that establishes or maintains the plan with respect to employees of that employer, each employee organization that establishes or maintains the plan with respect to members of that employee organization, and each board of trustees, cooperative, or association that establishes or maintains the plan.

While the fee will impact most health insurance policies and self-insured plans, the Code does exempt a few arrangements. See Code § 4376. Regulation § 46.4376-1(b)(2) construes these exemptions to include the following categories of programs:

A plan that provides benefits substantially all of which are excepted benefits for purposes of the HIPAA Portability Rules under Code § 9832(c). Pursuant to this provision, for instance, the Regulations state that a health flexible spending arrangement (health FSA) under Code § 106(c)(2)) that satisfies the requirements to be treated as an excepted benefit under Code § 9832(c) and Regulation § 54.9831–1(c)(3)(v) is not an applicable self-insured health plan. However, a health FSA that is not treated as an excepted benefit under Code § 9832(c) and Regulation § 54.9831–1(c)(3)(v) is an applicable self-insured health plan.
An employee assistance program, disease management program, or wellness program if the program does not provide significant benefits in the nature of medical care or treatment.
A plan that, as demonstrated by the facts and circumstances surrounding the adoption and operation of the plan, was designed specifically to cover primarily employees who are working and residing outside the United States (as defined in § 46.4377–1(a)(3)). See Regulation § 46.4376–1(b)(ii).

Where the same plan sponsor maintains multiple self-insured arrangements Regulation § 46.4376(b)(iii) specifies that the employer may treat two or more arrangements established or maintained by the same plan sponsor that provide accident and health coverage other than through an insurance policy and that have the same plan year as a single applicable self-insured health plan for purposes of reporting and calculating the Code § 4376 fee.

Calculation Of Self-Insured Plan Fee Under Code § 4376

Regulation § 46.4376-1 requires that a self-insured plan sponsor determine the number of covered lives for purposes of calculating the fee using on of the following methods:

The actual count method where the plan sponsor adds the totals of lives covered for each day of the plan year and divides that total by the number of days in the plan year;
The snapshot method, the plan sponsor adds the totals of lives covered on a date during the first, second, or third month of each quarter of the plan year (or more dates in each quarter if an equal number of dates is used in each quarter), and divides that total by the number of dates on which a count was made in accordance with rules set forth in the Regulations. For instance, Each date used for the second, third and fourth quarter must be within three days of the date in that quarter that corresponds to the date used for the first quarter, and all dates used must fall within the same plan year. If a plan sponsor uses multiple dates for the first quarter, the plan sponsor must use dates in the second, third, and fourth quarters that correspond to each of the dates used for the first quarter or are within three days of such corresponding dates, and all dates used must fall within the same plan year. The 30th and 31st day of a month are treated as the last day of the month for purposes of determining the corresponding date for any month that has fewer than 31 days. The number of lives covered on a designated date using this method may be determined using either the snapshot factor method or the snapshot count method set forth in the Regulations. In the snapshot factor method, the number of lives covered on a date is equal to the sum of: (1) the number of participants with self-only coverage on that date; plus (2) the number of participants with coverage other than self-only coverage on the date multiplied by 2.35. In the snapshot count method, the number of lives covered on a date equals the actual number of lives covered on the designated date. The plan sponsor must use the same method of calculating the average number of lives covered under the plan consistently for the duration of the plan year. However, a plan sponsor may use a different method from one plan year to the next.
The Form 5500 method, where the plan sponsor determines the average number of lives covered under a plan for a plan year as the result of the sum of the total participants covered at the beginning and the end of the plan year, as reported on the Form 5500 or Form 5500–SF for the applicable self-insured health plan, divided by 2. This method is only available if the Form 5500 is filed by the due date for payment of the fee. This means where a plan administrator extends filing beyond July 31, the plan sponsor cannot use this method.

The Regulations establish a special rule for lives covered solely by the fully-insured options under an applicable self-insured health plan. Under this special rule, when an applicable self-insured health plan provides accident and health coverage through fully insured options and self-insured options, the plan sponsor is permitted to disregard the lives that are covered solely under the fully-insured options in determining the lives covered taken into account for the actual count method, the snapshot method, and the Form 5500 method.

As for insured plans, the Regulations also provide special rules for determining the fee the first year the fee is in effect. Under this rule, for a plan year beginning before July 11, 2012, and ending on or after October 1, 2012, a plan sponsor may determine the average number of lives covered under the plan for the plan year using any reasonable method.

Section 4375 Fee For Insurers

The fee under Code Section 4375 generally applies to issuers of a “specified health insurance policy.” Code Section 4375(c) generally defines a specified health insurance policy as any accident or health insurance policy (including a policy under a group health plan) issued with respect to individuals residing in the United States. Code Section 4377(a)(1) defines accident and health coverage as any coverage that, if provided by an insurance policy, would cause the policy to be a specified health insurance policy under Code Section 4375. See Treas. Reg. § 46.4375–1.

Policies Subject To Fee. Regulation § 46.4377–1(a) defines a “specified health insurance policy” as “any accident and health insurance policy (including a policy under a group health plan) issued with respect to individuals residing in the United States” other than those recognized as exempt by the Regulation. The Regulation makes clear that this includes any policy that provides accident and health coverage to an active employee, former employee, or qualifying beneficiary, as continuation coverage required under the Consolidated Omnibus Budget Reconciliation Act of 1985 (COBRA) or similar continuation coverage under other Federal law or state law.

However Regulation § 46.4377-1(a)(ii) exempts the following arrangements from the definition of a specified health insurance policy.

Any insurance policy if substantially all of its coverage is of excepted benefits described in Code Section 9832(c);
Any group policy issued to an employer where the facts and circumstances show that the group policy was designed and issued specifically to cover primarily employees who are working and residing outside of the United States for purposes of Regulation § 46.4377–1(a)(3);
Any stop loss or indemnity reinsurance policy; or
Any insurance policy to the extent it provides an employee assistance program, disease management program, or wellness program if the program does not provide significant benefits in the nature of medical care or treatment.

Fee Calculation. The amount of the fee an insurer must pay for a policy for a policy year under Code § 4375 is equal to the product of the average number of lives covered under the policy for the policy year, multiplied by the applicable dollar amount for that policy year.

The applicable dollar amount multiplier is $1 for the fee due on October 1, 2013; $2 for the fee due on October 1, 2014, and the adjusted amount for fees due after October 1, 2014.

Determination Of The Average Number Of Lives Covered. To determine the average number of lives covered under a specified health insurance policy during a policy year, the Regulation requires an issuer to use one of the following methods:

The actual count method, where the issuer determines the average number of lives covered under a policy for a policy year under the actual count method by adding the total number of lives covered for each day of the policy year and dividing that total by the number of days in the policy year;
The snapshot method, where the issuer determines the average number of lives covered under a policy for a policy year by adding the totals of lives covered on a date during the first, second, or third month of each quarter (or more dates in each quarter if an equal number of dates is used for each quarter), and dividing that total by the number of dates on which a count is made. Each date used for the second, third and fourth quarters must be within three days of the date in that quarter that corresponds to the date used for the first quarter, and all dates used must be within the same policy year. If an issuer uses multiple dates for the first quarter, the issuer must use dates in the second, third, and fourth quarters that correspond to each of the dates used for the first quarter or are within three days of such corresponding dates, and all dates used must be within the same policy year. The 30th and 31st day of a month are treated as the last day of the month for purposes of determining the corresponding date for any month that has fewer than 31 days (for example, if either March 30 or March 31 is used as a counting date for a calendar year policy, June 30 is the corresponding date for the second quarter);
The member months method, where the issuer determines the average number of lives covered under all policies in effect for a calendar year based on the member months (an amount that equals the sum of the totals of lives covered on prespecified days in each month of the reporting period) reported on the National Association of Insurance Commissioners (“NAIC”) Supplemental Health Care Exhibit filed for that calendar year. Under this method, the average number of lives covered under the policies in effect for the calendar year equals the member months divided by 12; or
The state form method, where an insurer not required to file NAIC annual financial statements may determine the number of lives covered under all policies in effect for the calendar year using a form filed with the issuer’s state of domicile and a method similar to the member months method if the form reports the number of lives covered in the same manner as member months are reported on the NAIC Supplemental Health Care Exhibit. See Regulation § 46.4375–1(c)(2)(i).

Issuers must use the same method of calculating the average number of lives covered under a policy consistently for the duration of the year and must use the same method of computing lives for all policies for which a liability is reported on a Form 720, “Quarterly Federal Excise Tax Return,” for a particular year. Regulation § 46.4375–1(c)(2)(ii). However, the Regulation allows an issuer that determines the average number of lives covered by using the actual count method or the snapshot method to change its method of computing the average lives covered to the snapshot method or actual count method, respectively, provided that the issuer uses the same method for computing the average lives covered for all policies for which a liability is reported on the Form 720 for that year. Regulation § 46.4375–1(c)(2).

The Regulations also impose various other special rules. For instance, the Regulations state that if the issuer elects to determine the average number of lives covered for all policies in effect during a calendar year using the member months method or the state form method, the applicable dollar amount with respect to such issuer’s policies for such calendar year is the applicable dollar amount for policy years ending on December 31 of such calendar year, except that the applicable dollar amount with respect to such an issuer’s policies for calendar year 2019 is the applicable dollar amount for policy years ending on September 30, 2019. The Regulations provide various examples of these calculations to illustrate the rules.

The Regulations also provide special rules for the first year and the last year the fee is in effect for an insurer. See Regulation § § 46.4375–1(c).

Plans, Insurers Should Evaluate Options, Plan To Pay Required Fees

The impending obligation provides yet another reason that employers and other self-insured plan sponsors, administrators, insurers, and vendors should re-evaluate their existing health plan designs and costs. Most health insurers and self-insured health plan sponsors will want not only to budget for the impending additional costs associated with these fees, but also evaluate options for mitigating their impact, as well as the costs and administrative burden of tracking and making the required filings. For instance, insurers and plan sponsors of programs subject to these new fees generally will want to evaluate which of the options for collecting the data and calculating the fees will most benefit them. Also, where plan designs used by particular employer or other plan sponsors include both insured and self-insured features, the insurer, plan sponsor and their advisors may want to consider the advisability of restructuring or redesigning plans to mitigate fees or administrative or other expenses. In all cases, parties should audit their programs to ensure that each program and its element is identified and properly taken into account to avoid inadvertent oversights resulting in penalties or other avoidable costs.

For Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

About Solutions Law Press, Inc.™

About Solutions Law Press, Inc.™

Comments Off on Self-Insured Health Plan Sponsors, Health Insurers Brace To Pay New ACA-Imposed Fees | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

1st OCR Small HIPAA Breach Settlement Shows Plans, Other Covered Entities At Risk From Small Breach Reports Too

January 3, 2013

$50K Settlement Shows Small Breach Reports Carry Enforcement Risk

Properly encrypt and protected electronic protected health information (ePHI) on laptops and in other mediums! That’s the clear message of the Department of Health and Human Services (HHS) Office of Civil Rights (OCR) in its announcement of its first settlement under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule involving a breach of ePHI of fewer than 500 individuals by a HIPAA-covered entity, Hospice of North Idaho (HONI).

In announcing the settlement against HONI, OCR sent a clear message that OCR stands ready to penalize these health care providers, health plans, healthcare clearinghouses and their businesses associates (covered entities) when their failure to properly secure and protect ePHI on laptops or in other systems results in a breach of ePHI even when the breach affects fewer than 500 individuals.

OCR Director Leon Rodriguez reiterated OCR’s expectation that covered entities will properly encrypt ePHI on mobile or other devices in OCR’s announcement of the HONI settlement. “This action sends a strong message to the health care industry that, regardless of size, covered entities must take action and will be held accountable for safeguarding their patients’ health information.” said OCR Director Leon Rodriguez. “Encryption is an easy method for making lost information unusable, unreadable and undecipherable.”

In light of this latest clear warning, health plans and their fiduciaries, sponsors and administrators, health care providers, health care clearinghouses and their business associates should review plans, practices and data security as affecting ePHI and other protected health information on mobile and other devices.

HONI Settlement For Small Breach Notification

On January 2, 2013, OCR announced HONI will pay OCR $50,000 to settle potential HIPAA violations that occurred in connection with the theft of an unencrypted laptop computer containing ePHI. The HONI settlement is the first settlement involving a breach of ePHI affecting fewer than 500 individuals. Read the full HONI Resolution Agreement here.

OCR opened an investigation after HONI reported to HHS that an unencrypted laptop computer containing ePHI of 441 patients had been stolen in June 2010. HONI team members regularly use Laptops containing ePHI their field work. Over the course of the investigation, OCR discovered that HONI had not conducted a risk analysis to safeguard ePHI or have in place policies or procedures to address mobile device security as required by the HIPAA Security Rule. Since the June 2010 theft, HONI has taken extensive additional steps to improve their HIPAA Privacy and Security compliance program.

HIPAA Security & Breach Notification For ePHI

The HONI settlement is notable because it marks the first time OCR has sanctioned a covered entity as a result of an OCR investigation stemming from the covered entity’s report of a breach of unsecured protected health information involving fewer than 500 individuals under new breach notification rules added to HIPAA in 2009.

Under the originally enacted requirements of HIPAA, covered entities and their business associates are required to restrict the use, access and disclosure of protected health information and establish and administer various other policies and safeguards in relation to protected health information. Additionally, the Security Rules require specific encryption and other safeguards when covered entities collect, create, use, access, retain or disclose ePHI.

The Health Information Technology for Economic and Clinical Health (HITECH) Act amended HIPAA, among other things to tighten certain HIPAA requirements, expand its provisions to directly apply to business associates, as well as covered entities and to impose specific breach notification requirements. The HITECH Act Breach Notification Rule requires covered entities to report an impermissible use or disclosure of protected health information, or a “breach,” of 500 individuals or more (Large Breach) to the Secretary of HHS and the media within 60 days after the discovery of the breach. Smaller breaches affecting less than 500 individuals (Small Breach) must be reported to the Secretary on an annual basis. Since the Breach Notification Rule took effect, OCR’s announced policy has been to investigate all Large Breaches and such investigations have resulted in settlements or other corrective action in relation to various Large Breaches. Until now, however, OCR has not made public any resolution agreements requiring settlement payments involving any Small Breaches.

Enforcement Actions Highlight Growing HIPAA Exposures For Covered Entities

While the HONI settlement marks the first settlement on a small breach, this is not the first time OCR has sought sanctions against a covered entity for data breaches involving the loss or theft of unencrypted data on a Laptop, storage device or other computer device. In fact, OCR’s first resolution agreement – reached before Congress added the HIPAA Breach Notification Rules to HIPAA – stemmed from such a breach. Providence To Pay $100000 & Implement Other Safeguards. Breaches resulting from the loss or theft of unencrypted ePHI on mobile or other computer devices or systems has been a common basis of investigation and sanctions since that time, particularly since the Breach Notification rules took effect including breaches of ePHI involving compromised health plan information. See, e.g., OCR Hits Alaska Medicaid For $1.7M+ For HIPAA Security Breach. Coupled with statements by OCR about its intolerance, the HONI and other settlements provide a strong warning to covered entities to properly encrypt ePHI on mobile and other devices.

Furthermore, the HONI settlement also adds to growing evidence of the growing exposures that health care providers, health plans, health care clearinghouses and their business associates need to carefully and appropriately manage their HIPAA encryption and other Privacy and Security responsibilities. See OCR Audit Program Kickoff Further Heats HIPAA Privacy Risks; $1.5 Million HIPAA Settlement Reached To Resolve 1st OCR Enforcement Action Prompted By HITECH Act Breach Report; HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website. Covered entities are urged to heed these warning by strengthening their HIPAA compliance and adopting other suitable safeguards to minimize HIPAA exposures.

In the face of rising enforcement and fines, OCR’s initiation of HIPAA audits and other recent developments, covered entities and their business associates should tighten privacy policies, breach and other monitoring, training and other practices to reduce potential HIPAA exposures in light of recently tightened requirements and new enforcement risks.

In response to these expanding exposures, all covered entities and their business associates should review critically and carefully the adequacy of their current HIPAA Privacy and Security compliance policies, monitoring, training, breach notification and other practices taking into consideration OCR’s investigation and enforcement actions, emerging litigation and other enforcement data; their own and reports of other security and privacy breaches and near misses, and other developments to decide if additional steps are necessary or advisable.

New OCR HIPAA Mobile Device Educational Tool

While OCR enforcement of HIPAA has significantly increased, compliance and enforcement of the encryption and other Security Rule requirements of HIPAA are a special focus of OCR.

To further promote compliance with the Breach Notification Rule as it relates to ePHI on mobile devices, OCR and the HHS Office of the National Coordinator for Health Information Technology (ONC) recently kicked off a new educational initiative, Mobile Devices: Know the RISKS. Take the STEPS. PROTECT and SECURE Health Information. The program offers health care providers and organizations practical tips on ways to protect their patients’ health information when using mobile devices such as laptops, tablets, and smartphones. For more information, see here. For more information on HIPAA compliance and risk management tips, see here.

For Help With Compliance, Risk Management, Investigations, Policy Updates Or Other Needs

If you need help monitoring HIPAA and other health and health plan related regulatory policy or enforcement developments, or to review or respond to these or other human resources, employee benefit, or other compliance, risk management, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer may be able to help.

About Solutions Law Press, Inc.™

About Solutions Law Press, Inc.™

1 Comment | Corporate Compliance, Employers, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Internal Investigations, Privacy, Risk Management, Whistleblower | Tagged: Backpay, Employer, Employment, employment law, Fair Labor Standards Act, FSLA, IT, Labor Department, Minimum Wage, Technology, Wage & Hour, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

Catch Up On Health Reform & Other Key Employee Benefits & Insurance Issues Emerging Issues and Litigation Relating to Life, Health, Disability and ERISA Symposium In Ft. Lauderdale

December 7, 2012

Cynthia Marcotte Stamer will be one of the featured panelists discussing “Implications of PPACA” on January 18, 2013 at the American Bar Association Tort Trial & Insurance Practice Section’s (TIPS) 39th Annual TIPS Midwinter Symposium on Insurance and Employee Benefits “Emerging Issues and Litigation Relating to Life, Health, Disability and ERISA” in Fort Lauderdale.

The “Implications on PPACA” program scheduled at 3:30 p.m. on January 18, 2012 is one of many content-rich series of programs on employee benefit and insurance issues that leading practitioners will lead during the Symposium W Hotel Fort Lauderdale in Fort Lauderdale, FL on January 17-19, 2013. To register, review the full agenda or get additional information about the Symposium, see here.

About Ms. Stamer

Managing Editor of Solutions Law Press, Inc. and a noted Texas-based employee benefits and employment lawyer with extensive involvement in the leadership of the ABA and other professional organizations involved in employee benefits, health care and workforce matters, is nationally and internationally known for her knowledgeable and creative leadership and work as an attorney, consultant, policy advocate, speaker and author helping businesses, governments, and communities on health and other insurance and employee benefits, patient education and empowerment, wellness and disease management, and other programs, policies, and processes. For more than 24 years, Ms. Stamer’s legal practice has focused on advising and representing employers, insurers, health care providers, community leaders and governments about health care and employee benefits policy and process improvement, quality, performance management, education, compliance, communications, risk management, reimbursement and finance, and other related matters. In addition to her legal practice, Stamer also extensively consults and provides leadership to a broad range of clients, professional and civic organizations, and others on strategies for improving the health care system and the ability of health care providers, payers, employers, community organizations, government agencies to promote the ability of patients and their families to access cost-effective, quality, affordable health care and other resource needs. She also has worked extensively with a broad range of business and government clients on health care, pension, social security, workforce, insurance and many other related policy matters.

In addition to her service with TIPS, Ms. Stamer also is active in the leadership of a broad range of other professional and civil organizations. For instance, Ms. Stamer presently serves as Executive Director of Project COPE, the Coalition on Patient Empowerment and the Coalition for Responsible Healthcare Policy; Vice President of the North Texas Healthcare Compliance Professionals Association; Immediate Past Chair of the American Bar Association RPTE Employee Benefits & Other Compensation Committee and its representative to the ABA Joint Committee on Employee Benefits and Vice Chair of its Welfare Benefits Committee; Past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and a current member of its Healthcare Coordinating Council; and as the Gulf Coast TEGE Council TE Committee Coordinator. She previously served as a founding Board Member and President of the Alliance for Healthcare Excellence, as a Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; the Board President of the early retirement intervention agency, The Richardson Development Center for Children; Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a member of the Board of Directors of the Southwest Benefits Association; on many seminar faculties and in many other professional and civic leadership and volunteer roles.

Author of the hundreds of publications and workshops these and other employment, employee benefits, health care, insurance, workforce and other management matters, Ms. Stamer’s insights on employee benefits, insurance, health care and workforce matters in Atlantic Information Services, The Bureau of National Affairs, HealthLeaders, Modern Healthcare, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other publications. Nationally known for her work on health care reform and related matters, Ms. Stamer also regularly conducts training and speaks on these and other management, compliance and public policy concerns. For more information about Ms. Stamer, upcoming training, publications or other materials or events, see here or contact Ms. Stamer directly via email here or (469) 767-8872.

Comments Off on Catch Up On Health Reform & Other Key Employee Benefits & Insurance Issues Emerging Issues and Litigation Relating to Life, Health, Disability and ERISA Symposium In Ft. Lauderdale | 105(h), Affordable Care Act, CHIP, COBRA, Disability, Disability, Employee Benefits, Employers, Employment Tax, ERISA, Excise Tax, Fiduciary Responsibility, FMLA, Health Care Reform, Health Plans, HIPAA, Human Resources, Income Tax, Insurance, Malpractice, Medicare Part D, Mental Health, Mental Health Parity, Patient Empowerment, Patient Protection and Affordable Care Act, Payroll Tax, Preemption, Prescription Drugs, Protected Health Information, Reporting & Disclosure, Tax Credit, Wellness Programs | Tagged: Affordable Care Act, ERISA, HIPAA | Permalink
Posted by Cynthia Marcotte Stamer

New OCR HIPAA De-Identification Guidance Among Developments Covered In 12/12 HIPAA Update Web Workshop

November 27, 2012

Get Up To Date On Details of New De-Identification Guidance & Other HIPAA Developments By Participating In 12/12 HIPAA Update Web Workshop

Health care providers, health plans, health care clearinghouses (covered entities) and their business associates and leadership should check and update their policies and practices for the de-identification of protected health information (PHI) in light of newly-released Guidance Regarding Methods for De-identification of Protected Health Information in Accordance With the Health Insurance Portability and Accountablity Act (HIPAA) Privacy Rule (Guidance) released by the Department of Health & Human Services (HHS) Office of Civil Rights yesterday (November 26, 2012).

Solutions Law Press, Inc. will host a one-hour, online HIPAA Update Workshop on the Guidance and other recent regulatory and enforcement developments under HIPAA for covered entities and their business associates on Wednesday, December 12 beginning at Noon Central Time. To register, see here.

PHI collected by health care providers, health plans, their management, sponsors, and vendors often includes a wealth of information valuable for use for functions unrelated to the HIPAA-covered functions and activities that leads covered entities or their business associates to collect or keep this data. While it might be tempting to repurpose this information for business planning and marketing purposes, covered entities and their business partners or associates frequently assume that covered entities and others that they deal with must take proper steps to that no PHI is used, accessed, disclosed or shared unless that action is allowed under the Privacy Rules, properly de-identified, or both.

When planning to rely upon the de-identification of PHI to engage in these activities, parties planning to rely upon HIPAA’s exception for de-identified PHI will want to consult new guidance just released by OCR about the de-identification requirements before moving forward. Existing Privacy Rules and the Guidance recognize two alternative methods that covered entities and their business can use to properly de-identify PHI for purposes of the HIPAA Privacy Rule.

OCR published the Guidance to help covered entities to understand what qualifies as de-identification, the general process by which de-identified information is created, and the options available for performing de-identification for purposes of the HIPAA Privacy Rule. The publication of this guidance was mandated as part of amendments to HIPAA enacted by Health Information Technology for Economic and Clinical Health (HITECH) Act included in the American Recovery and Reinvestment Act of 2009 (ARRA). Section 13424(c) of the HITECH Act requires the HHS to issue guidance on how best to implement the requirements for the de-identification of health information contained in the Privacy Rule.

De-identification & Its Rationale Under Privacy Rule

The Privacy Rule was designed to protect individually identifiable health information through permitting only certain uses and disclosures of PHI provided by the Rule, or as authorized by the individual subject of the information. However, in recognition of the potential utility of health information even when it is not individually identifiable, §164.502(d) of the Privacy Rule permits a covered entity or its business associate to create information that is not individually identifiable by following the de-identification standard and implementation specifications in Privacy Rule §164.514(a)-(b). These provisions allow the entity to use and disclose information that neither identifies nor provides a reasonable basis to identify an individual provided the Covered Entity can show that the PHI has been de-identified in accordance with either the Expert Determination Method or the Safe Harbor Method of the de-identification standard of the Privacy Rule and is not re-identified. Regardless of the method used to de-identify PHI, the Privacy Rule does not restrict the use or disclosure of de-identified health information, as it is no longer considered PHI and is not re-identified.

Privacy Rule De-Identification Implementation Standards Permit Alternative Methods of De-identification

Section 164.514(a) of the HIPAA Privacy Rule provides the standard for de-identification of protected health information. Under this standard, health information is not individually identifiable if it does not identify an individual and if the covered entity has no reasonable basis to believe it can be used to identify an individual. See Privacy Rule § 164.514.

Sections 164.514(b) and (c) of the Privacy Rule contain the implementation specifications that a covered entity must follow to meet the de-identification standard. As summarized in Figure 1, the Privacy Rule provides two methods by which health information can be designated as de-identified:

The formal determination by a qualified expert in accordance with the Privacy Rule (Expert Determination Method); or
The removal of specified individual identifiers as well as absence of actual knowledge by the covered entity that the remaining information could be used alone or in combination with other information to identify the individual (Safe Harbor Method).

In order for PHI to qualify as de-identified under the “Expert Determination Method, Privacy Rule § 164.514(b)(1) requires that a person with appropriate knowledge of and experience with generally accepted statistical and scientific principles and methods for rendering information not individually identifiable:

Applying such principles and methods, determines that the risk is very small that the information could be used, alone or in combination with other reasonably available information, by an anticipated recipient to identify an individual who is a subject of the information; and
Documents the methods and results of the analysis that justify such determination.

Alternatively, Privacy Rule § 164.514(b)(2) provides that PHI will qualify as de-identified under the Safe Harbor Method if:

All of an extensive list of identifiers of the individual or of relatives, employers, or household members of the individual, are removed from the data; and
The covered entity does not have actual knowledge that the information could be used alone or in combination with other information to identify an individual who is a subject of the information.

As long as the data is not re-identified, the Guidance indicates that a covered entity may prove fulfillment of the de-identification standard of Privacy Rule §164.514(a) by showing satisfaction of all applicable requirements of either method. Under the Privacy Rule, de-identified health information created following these methods is no longer protected by the Privacy Rule because it does not fall within the definition of PHI. Of course, de-identification leads to information loss which may limit the usefulness of the resulting health information in certain circumstances. Consequently, covered entities may wish to select de-identification strategies that minimize such loss.

Both alternatives for de-identification under the Privacy Rule require that covered entities and their business associates decide whether and how to keep the option for re-identification of PHI slated for de-identification and where applicable, appropriately manage the re-identification opportunity and data to avoid violation of the Privacy Rule.

According to the Privacy Rule, if a covered entity or business associate successfully undertook an effort to identify the subject of de-identified information it maintained, the health information now related to a specific individual would again be protected by the Privacy Rule, as it would meet the definition of PHI. Disclosure of a code or other means of record identification designed to enable coded or otherwise de-identified information to be re-identified is also considered a disclosure of PHI. In this regard, Privacy Rule §164.514(c) specifies that if the covered entity assigns a code or other means of record identification to allow information de-identified under this section to be re-identified by the covered entity, themeans of record identification is not derived from or related to information about the individual and is not otherwise capable of being translated so as to identify the individual; it can’t use elements of the protected PHI as the re-identification key,must safeguard the key, and can’t use or disclose the key or other re-identification tool for any other purpose.

Preparing For, Guiding & Documenting The De-identification Process For Defensibility

The Guidance stresses that importance of documentation for which values in health data correspond to PHI, as well as the systems that manage PHI and its risk of identification or re-identification in the de-identification process cannot be overstated.

The Guidance provides guidance to help guide covered entities and their business associates through the steps and analysis of using the Expert Determination versus Safe Harbor Method. A review of this Guidance makes clear that the design and administration of the de-identification process under either method requires careful and well-documented planning, analysis and implementation to fulfill and to keep the documentation that a covered entity or business associate might need to defend its decision to treat and use PHI as de-identified under the Privacy Rule against a potential audit or enforcement inquiry. The Guidance also seeks to further illuminate the requirements for effective de-identification through a series of questions and answers, supplemented by work flow and other charts, examples and other illustrations and tips on the proper use of each alternative Method and managing risks and the process associated with that Method. A Glossary of Terms also is shared. The discussion in the Guidance makes clear that covered entities and their businesses associates using either Method to de-identify PHI should be prepared to make a number of judgments about which Method to use, whether and how to make arrangements for re-identification, and how to properly manage the process to meet the requirements of the implementation standard and manage re-identification or other risks.

Register For 12/12 HIPAA Update Web Workshop To Catch Up On De-Identification Guidance & Other HIPAA & Texas HIPAA Regulatory & Enforcement Developments

Training and compliance mandates applicable to covered entities and their business associates under the newly strengthened Texas HIPAA law and HIPAA’s Privacy and Breach Notification Rules make it more important than ever that covered entities and their business associates get the timely training and other assistance needed to properly comply with requirements for the protection of PHI under the new Guidance and other HIPAA and Texas HIPAA mandates.

To aid in this process, Solutions Law Press, Inc. will host a 2012 HIPAA Update Web Workshop covering the new Guidance on de-identification and other regulatory and enforcement developments under HIPAA and the newly amended Texas HIPAA law on December 12, 2012 from 1:00 P.M.-2:00 P.M. Eastern | Noon – 1:00 P.M. Central | 11:00 A.M-Noon Mountain | 10:00A.M-11:00 A.M. Pacific Time.

Expanded health care privacy mandates of the Texas Medical Records Privacy Act that take effect September 1, 2012 and HIPAA regulations require covered entities and their business associates conduct training and take other steps to protect the privacy and security of PHI.

Complete HIPAA Training While You Catch Up On The Latest On HIPAA & Texas Medical Records Privacy Rules & Get Helpful Compliance And Risk Management Tips!

Health care providers, health plans, health care clearinghouses face new imperatives to strengthen their HIPAA and other procedures for handling protected health information and other sensitive information to manage expanding risks and responsibilities arising from evolving rules, expanding enforcement and oversight, and rising penalties and other liabilities.

The $4.3 million HIPAA Civil Monetary Penalty and growing list of $1 million plus resolution payments announced by the Office of Civil Rights coupled with its commitment to investigate all large breaches reported under the HITECH Act Breach Notification Rule and other stepped up enforcement and newly initiated audit activities send a clear signal that HIPAA-covered entities and their business associates face significant exposures for failing to appropriately manage their HIPAA and other responsibilities when handling protected health information. Meanwhile, Texas House Bill 300 has raised maximum state civil penalties for unlawful disclosures of Protected Health Information under the Texas Medical Records Privacy Act to from $5,000 to $1.5 million per year. Meanwhile HITECH Act amendments to HIPAA require covered entities provide notification of certain breaches while Texas House Bill 300 adds its own specific requirements to provide notice of certain breaches of computerized data containing sensitive personal information.

With Texas House Bill 300 expanding covered entities responsibilities and liabilities and OCR issuing new regulations and other guidance to implement amendments to the HIPAA Privacy & Security Standards and implement and enforce the HITECH Act Breach Notification Rule, health care providers, health plans and insurers, their brokers, third-party administrators, and other covered entities, as well as their business associates and employer and union clients must review and tighten their policies, practices, business associate and other contracts, and enforcement to manage HIPAA and other compliance and manage risks arising from the access, collection, use, protection and disclosure of PHI to meet expanding mandates and to guard against growing liability exposures under HIPAA and other federal and state laws.

Solutions Law Press, Inc. invites you to catch up on the latest on these and other key HIPAA requirements and enforcement and learn tips for managing risks and liabilities by participating in the “HIPAA Update Workshop” on Wednesday, December 12, 2012 via WebEx for a registration fee of $125.00.

Pre-approved for various types of continuing and professional education credit, the December 12, 2012 HIPAA Update Workshop will brief participants on the De-Identification Guidance as well as the latest on other regulatory and enforcement guidance under the HIPAA Privacy, Security and Breach Notification rules and guidance and share compliance and risk management lessons emerging from recent OCR enforcement and audit activities and other selected federal and state litigation and enforcement actions impacting the handling of protected health information. Among other things, the workshop will cover:

The De-Identification Guidance just released by OCR on November 26, 2012;
The latest HIPAA Privacy, Security & Breach Notification Guidance, Audits & Enforcement
Highlights Texas House Bill’s Amendments To Texas Medical Records Privacy Law That Took Effect September 1, 2012
Post HITECH Act Heightened Liability Risks: Audits, Civil Penalties, Criminal Penalties & State Lawsuits
Expansion of HIPAA Responsibilities & Liabilities To Business Associates & What Covered Entities & Business Associates Should Do In Response
HIPAA Data Breach Notification Requirements
Practical Challenges & Strategies For Managing These Responsibilities
Tips For Coordinating HIPAA & Other Federal & State Medical Privacy, Financial Information, Identity Theft & Date Security Compliance and Risk Management
Practical Strategies For Monitoring & Responding To New Requirements & Changing Rules
Participant Questions

About The Speaker

The workshop will be conducted by attorney Cynthia Marcotte Stamer. A Fellow in the American College of Employee Benefits Counsel, recognized in International Who’s Who, North Texas Health Care Compliance Professionals Association Vice-President and Board Certified in Labor & Employment Law, attorney Cynthia Marcotte Stamer has 25 years experience advising and representing private and public health care providers, employers, employer and union plan sponsors, employee benefit plans, associations, their fiduciaries, administrators, and vendors, group health, Medicare and Medicaid Advantage, and other insurers, governmental leaders and others on privacy and data security, health care, health and other employee benefit. employment, insurance and related matters. A well-known and prolific author and popular speaker, Ms. Stamer has worked extensively with heath care providers, health plans and other payers, health and insurance IT and data systems, and others on HIPAA and other privacy and data security concerns. She served as the scrivener for the ABA JCEB Agency Meetings with the Office of Civil Rights on HIPAA Privacy for the past two years. She presently serves as Co-Chair of the ABA RPTE Section Welfare Plan Committee, Vice Chair of the ABA TIPS Employee Benefit Committee, an ABA Joint Committee on Employee Benefits Representative, an Editorial Advisory Board Member of the Institute of Human Resources (IHR/HR.com) and Employee Benefit News, and various other publications. A primary drafter of the Bolivian Social Security privatization law with extensive domestic and international regulatory and public policy experience, Ms. Stamer also has worked extensively domestically and internationally on public policy and regulatory advocacy on HIPAA and other privacy and data security risks and requirements as well as a broad range of other health, employee benefits, human resources, insurance, tax, compliance and other matters and representing clients in dealings with OCR and other HHS agencies, as well as the Departments of Labor, Treasury, Federal Trade Commission, HUD and Justice, Congress and state legislatures, and various state attorneys general, insurance, labor, worker’s compensation, medical licensure and disciplinary and other agencies and regulators. A prolific author and popular speaker, Ms. Stamer regularly authors materials and conducts workshops and professional, management and other training on HIPAA and other privacy, health care, employee benefits, human resources, insurance and related topics for the ABA, Aspen Publishers, the Bureau of National Affairs (BNA), SHRM, World At Work, Government Institutes, Inc., the Society of Professional Benefits Administrators and many other organizations. Her insights on privacy and other matters are quoted in Modern Healthcare, HealthLeaders, Benefits, Caring for the Elderly, The Wall Street Journal and many other publications. She also regularly serves on the faculty and planning committees of a multitude of symposium and other educational programs. For more details about Ms. Stamer’s services, experience, presentations, publications, and other credentials or to ask about arranging counseling, training or presentations or other services by Ms. Stamer, see www.CynthiaStamer.com.

Registration

The Registration Fee is $125.00 per person. Registration Fee Discounts available for groups of three or more. Pre-payment required via website registration required via website PayPal. No checks or cash accepted. Persons not registered at least 48 hours in advance will only participate subject to system and space availability.

Continuing Education Credit

The HIPAA Update Workshop is approved to be offered for general certification credit by the State Bar of Texas, Texas Department of Insurance, HRCI and WorldAtWork education credit for the time period offered subject to fulfillment all applicable accrediting agency requirements, completion of required procedures. Note that the applicable credentialing agency retain the final authority to determine whether an individual qualifies to receive requested continuing education credit. Neither Solutions Law Press, Inc., the speaker or any of their related parties guarantees the approval of credit for any individual or has any liability for any denial of credit. Special fees or other conditions may apply. CANCELLATION & REFUND POLICY: In order to receive credit, cancellation (either fax or mail) must be received at least 48 hours in advance of the meeting and are subject to a $10.00 refund processing fee. Refunds will be made within 60 days of receipt of written cancellation notice.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides business and management information, tools and solutions, training and education, services and support to help organizations and their leaders promote effective management of legal and operational performance, regulatory compliance and risk management, data and information protection and risk management and other key management objectives. Solutions Law Press, Inc.™ also conducts and assist businesses and associations to design, present and conduct customized programs and training targeted to their specific audiences and needs. For additional information about upcoming programs, to explore becoming a presenting sponsor for an upcoming event, e-mail your request to info@Solutionslawpress.com These programs, publications and other resources are provided only for general informational and educational purposes. Neither the distribution or presentation of these programs and materials to any party nor any statement or information provided in or in connection with this communication, the program or associated materials are intended to or shall be construed as establishing an attorney-client relationship, to constitute legal advice or provide any assurance or expectation from Solutions Law Press, Inc., the presenter or any related parties. If you or someone else you know would like to receive future Alerts or other information about developments, publications or programs or other updates, send your request to info@solutionslawpress.com. If you would prefer not to receive communications from Solutions Law Press, Inc. send an e-mail with “Solutions Law Press Unsubscribe” in the Subject to support@solutionslawyer.net. CIRCULAR 230 NOTICE: The following disclaimer is included to comply with and in response to U.S. Treasury Department Circular 230 Regulations. ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN. If you are an individual with a disability who requires accommodation to participate, please let us know at the time of your registration so that we may consider your request.

Comments Off on New OCR HIPAA De-Identification Guidance Among Developments Covered In 12/12 HIPAA Update Web Workshop | ADA, Civil Rights, Consumer Protection, Corporate Compliance, Data Security, Disease Management, Drug & Alcohol, Employers, ERISA, Fiduciary Responsibility, GINA, Health Plans, HIPAA, Human Resources, Insurance, Internal Controls, Medicare Part D, Prescription Drugs, Privacy, Wellness Programs | Tagged: compliance, Health Care, Heatlh Plans, HIPAA, PHI, Texas Medical Records Privacy | Permalink
Posted by Cynthia Marcotte Stamer

$1.5 M HIPAA Security Breach Resolution Agreement Shows Looming HIPAA Risks

September 17, 2012

Health plans, health care providers, health care clearinghouses and their business associates have yet another $1 million plus reminder of the importance of taking proper steps to secure electronic protected health information and take other steps required to comply with the Health Insurance Portability & Accountability Act of 1996 (HIPAA).

Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates, Inc. (collectively referred to as “MEEI”) will pay the U.S. Department of Health and Human Services’ (HHS) $1.5 million and take a series of corrective actions to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule under the resolution agreement available here (“Resolution Agreement”) announced by the Department of Health & Human Services (HHS) Office of Civil Rights (OCR) on September 17, 2012.

MEEI Resolution Agreement

The Resolution Agreement settles charges that resulted from an OCR investigation commenced in response to a HIPAA breach report submitted by MEEI reporting the theft of an unencrypted personal laptop containing the electronic protected health information (ePHI) of MEEI patients and research subjects. The laptop information included patient prescriptions and clinical information.

OCR’s investigation indicated that MEEI failed to take necessary steps to comply with certain requirements of the HIPAA Security Rule, such as conducting a thorough analysis of the risk to the confidentiality of ePHI maintained on portable devices, implementing security measures sufficient to ensure the confidentiality of ePHI that MEEI created, maintained, and transmitted using portable devices, adopting and implementing policies and procedures to restrict access to ePHI to authorized users of portable devices , and adopting and implementing policies and procedures to address security incident identification, reporting, and response. OCR’s investigation indicated that these failures continued over an extended period of time, demonstrating a long-term organizational disregard for the requirements of the Security Rule.

To settle the charges, MEEI will pay a $1.5 million settlement to OCR. In addition, the Resolution Agreement also requires MEEI to adhere to a corrective action plan which includes reviewing, revising and maintaining policies and procedures to ensure compliance with the Security Rule, and retaining an independent monitor who will conduct assessments of MEEI’s compliance with the corrective action plan and render semi-annual reports to HHS for a 3-year period.

Enforcement Actions Highlight Growing HIPAA Exposures For Covered Entities

The MEEI Resolution Agreement follows on the resolution agreements previously announced this year against a health plan and various health care providers, all but one of which resulted in a settlement agreement of more than $1 million.

For instance, earlier this year, OCR required that Blue Cross Blue Shield of Tennessee (BCBST) to pay $1.5 million to resolve HIPAA violations charges.

Like the PCS, BCBST and other announced resolution agreements, the MEEI Resolution Agreement provides more evidence of the growing exposures that health care providers, health plans, health care clearinghouses and their business associates need to carefully and appropriately manage their HIPAA responsibilities. See HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website.

In response to these expanding exposures, all covered entities and their business associates should review critically and carefully the adequacy of their current HIPAA Privacy and Security compliance policies, monitoring, training, breach notification and other practices taking into consideration OCR’s audit, investigation and enforcement actions, emerging litigation and other enforcement data, their own and reports of other security and privacy breaches and near misses, evolving rules and technology, and other developments to determine if additional steps are necessary or advisable. For tips, see here.

For Representation, Training & Other Resources

If you need assistance monitoring HIPAA and other health and health plan related regulatory policy or enforcement developments, or to review or respond to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer may be able to help.

Board Certified in Labor & Employment Law, Past Chair of the ABA RPTE Employee Benefit & Other Compensation Arrangements Group, Co-Chair and Past Chair of the ABA RPTE Welfare Plan Committee, Vice Chair of the ABA TIPS Employee Benefit Plans Committee, Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health plan and employee benefit, insurance, financial services, employer and health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.

For the past two years, Ms. Stamer has served as the scribe for the ABA Joint Committee on Employee Benefits agency meeting with OCR. Ms. Stamer also regularly works with OCR, FTC, USSS, FBI and state and local law enforcement on privacy, data security, health care, benefits and insurance and other matters, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. For instance, Ms. Stamer for the second year will serve as the appointed scribe for the ABA Joint Committee on Employee Benefits Agency meeting with OCR. Her insights on HIPAA risk management and compliance frequently appear in medical privacy related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here.

If you need assistance with these or other compliance concerns, wish to inquire about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.

You can review other recent publications and resources and additional information about the other experience of Ms. Stamer here. Examples of some recent publications that may be of interest include:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or updating your profile here. For important information concerning this communication click here.

1 Comment | Employers, Health Plans, HIPAA, Human Resources, Insurance | Tagged: Health Plans, HIPAA, OCR, Privacy, Resolution agreement | Permalink
Posted by Cynthia Marcotte Stamer

96% Employers of 50+ Employees, 36% Employers of Smaller Employers Provide Health Coverage

August 4, 2012

Kaisers State Health Facts.org reports that almost 96% of large private sector employers (50+ employees) offer health insurance to employees, compared to 36% of small employers. On average, private sector employers cover 74% of premiums for family coverage. As the pay-or-pay mandate of the Patient Protection & Affordable Care Act (Affordable Care Act) approaches, U.S. employers of all size will decide whether to continue to provide health care coverage under the significantly expanded federal mandates governing those plans or to pay the required assessment to the federal government for failing to provide that coverage.

For Help or More Information

A board certified labor and employment attorney widely known for her extensive and creative knowledge and experienced with these and other employment, employee benefit and compensation matters, Ms. Stamer continuously advises and assists employers, employee benefit plans, their sponsoring employers, fiduciaries, insurers, administrators, service providers, insurers and others to monitor and respond to evolving legal and operational requirements and to design, administer, document and defend medical and other welfare benefit, qualified and non-qualified deferred compensation and retirement, severance and other employee benefit, compensation, and human resources, management and other programs and practices tailored to the client’s human resources, employee benefits or other management goals. A primary drafter of the Bolivian Social Security pension privatization law, Ms. Stamer also works extensively with management, service provider and other clients to monitor legislative and regulatory developments and to deal with Congressional and state legislators, regulators, and enforcement officials concerning regulatory, investigatory or enforcement concerns.

Recognized in Who’s Who In American Professionals and both an American Bar Association (ABA) and a State Bar of Texas Fellow, Ms. Stamer serves on the Editorial Advisory Board of Employee Benefits News, the editor and publisher of Solutions Law Press HR & Benefits Update and other Solutions Law Press Publications, and active in a multitude of other employee benefits, human resources and other professional and civic organizations. She also is a widely published author and highly regarded speaker on these matters. Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, Modern and many other national and local publications. You can learn more about Ms. Stamer and her experience, review some of her other training, speaking, publications and other resources, and registerto receive future updates about developments on these and other concerns from Ms. Stamer here.

Other Resources

If you found this update of interest, you also may be interested in reviewing some of the other updates and publications authored by Ms. Stamer available including:

For important information concerning this communication click here. THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS. ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

Comments Off on 96% Employers of 50+ Employees, 36% Employers of Smaller Employers Provide Health Coverage | Claims Administration, Employee Benefits, Employers, ERISA, Fiduciary Responsibility, Health Plans, Human Resources, Insurance, Mental Health | Tagged: Affordable Care Act, ERISA plans, Health Plans, Mandated Benefits, Mental Health, Mental Health Parity, MHPAEA | Permalink
Posted by Cynthia Marcotte Stamer

New Health Plan Partnership, Data Sharing With Federal Health Care Fraud Enforcers Promises Greater Federal Oversight of Providers & Health Plans

July 30, 2012

Health care providers and payers should ensure that practices for billing private payers can withstand the scrutiny of federal and state health care fraud enforcers after the July 26, 2012 announcement of a ground-breaking new public-private antifraud initiative between federal and state health care fraud fighters and a private insurers under which private insurers will share an unprecedented amount of private health claims data, fraud detection practices, and other coöperation with federal and state official fraud prevention and prosecution efforts. While the partnership signals a new opportunity for health plans to secure federal support if their efforts to monitor and address suspected health care fraud impacting private health plans, private payers also should keep in mind that federal fraud prosecutors also are likely to use the data and information gleened from the partnership to identify and redress noncompliance by private health plans with federal Medicare and other federal program secondary payor, nondiscrimination and other coordination of benefits requirements; Affordable Care Act and other federal benefit, coverage and eligibility requirements and other applicable rules. Accordingly, even while anticipating greater support by federal agencies in the fight against fraud affecting private payers, health insurers and other private health plans also should tighten their practices to prepare for heightened scrutiny and enforcement by federal officials of federal health plan rules.

Government Health Care Fraud Fighters Partner With Private Insurers

The Federal health care fraud fighting departmental duo of the Departments of Health and Human Services (HHS) Justice (DOJ) last week expanded their network of fraud fighting resources by launching a “ground-breaking” partnership among the federal government, State officials, several leading private health insurance organizations, and other health care anti-fraud groups to prevent health care fraud. HHS and DOJ say the following organizations and government agencies are among the first to join this partnership:

America’s Health Insurance Plans
Amerigroup Corporation
Blue Cross and Blue Shield Association
Blue Cross and Blue Shield of Louisiana
Centers for Medicare & Medicaid Services
Coalition Against Insurance Fraud
Federal Bureau of Investigations
Health and Human Services Office of Inspector General
Humana Inc.
Independence Blue Cross
National Association of Insurance Commissioners
National Association of Medicaid Fraud Control Units
National Health Care Anti-Fraud Association
National Insurance Crime Bureau
New York Office of Medicaid Inspector General
Travelers
Tufts Health Plan
UnitedHealth Group
U.S. Department of Health and Human Services
U.S. Department of Justice
WellPoint, Inc.

HHS & DOJ Say Partnering With Private Insurers Will Give Ongoing Anti-Fraud Efforts Even More Punch

In announcing the new partnership on July 26, 2012, HHS Secretary Kathleen Sebelius and Attorney General Eric Holder touted this new voluntary, collaborative public-private arrangement as the “next step” in the Obama administration’s efforts to combat health care fraud.

“This partnership is a critical step forward in strengthening our nation’s fight against health care fraud,” said Attorney General Holder. “This Administration has established a record of success in combating devastating fraud crimes, but there is more we can and must do to protect patients, consumers, essential health care programs, and precious taxpayer dollars. Bringing additional health care industry leaders and experts into this work will allow us to act more quickly and effectively in identifying and stopping fraud schemes, seeking justice for victims, and safeguarding our health care system.”

“This partnership puts criminals on notice that we will find them and stop them before they steal health care dollars,” Secretary Sebelius said. “Thanks to this initiative today and the anti-fraud tools that were made available by the health care law, we are working to stamp out these crimes and abuse in our health care system.”

Partnership Allows Feds To Use Private Payer Claims Data, Knowledge & Other Fraud Detection Resources

According to HHS and DOJ, the new partnership is designed to share information and best practices in order to improve detection and prevent payment of fraudulent health care billings. Its goal is to reveal and halt scams that cut across a number of public and private payers. HHS and DOJ say the partnership will private insurers to share their anti-fraud insights more easily with investigators, prosecutors, policymakers and other stakeholders and law enforcement officials more effectively to identify and prevent suspicious activities, better protect patients’ confidential information and use the full range of tools and authorities provided by the Patient Protection & Affordable Care Act (Affordable Care Act) and other statutes to combat and prosecute illegal actions.

One unprecedented element of this partnership will involve the sharing of information on specific schemes, utilized billing codes and geographical fraud hotspots between the public and private partners. The partners say the planned sharing of claims data and other information will help partners prevent, detect and respond to potential health care billing fraud by:

Helping partners to take action, to prevent losses to both government and private health plans before they occur;
Improving their ability to spot and stop payments billed to different insurers for care delivered to the same patient on the same day in two different cities;
In the future to use sophisticated technology and analytics on industry-wide healthcare data to predict and detect health care fraud schemes.

Presumably, this will involve the extension of the use of state-of-the-art technology and data mining practices like those the Centers for Medicare & Medicaid Services (CMS) already uses to review claims, to track suspected fraud trends and flag suspected fraudulent activity.

Partnership Expands Use & Reach of New Affordable Care Act & Other Health Care Fraud Detection & Enforcement Tools & Collaboration

The partnership builds upon and extends the reach and use of expanded legal tools created by the Affordable Care Act and other laws that Federal and state officials are using in their highly publicized war against health care fraud, waste and abuse in Medicare, Medicaid, the Children’s Health Insurance Program (CHIP) and, increasingly, private insurance plans. Using these and other new tools, convictions under the Health Care Fraud and Abuse Control Program increased by over 27% (583 to 743) between 2009 and 2011, and the number of defendants facing criminal charges filed by federal prosecutors in 2011 increased by 74% compared with 2008 (1,430 vs. 821).

The Affordable Care Act and other legislative changes and related programs have significantly strengthened the powers of HHS, DOJ and other federal and state agencies to investigate and prosecute health care fraud. Among other things, these amendments and programs include:

Qui tam and other whistleblower incentives and programs that encourage employees, patients, competitors and others to report suspicious behavior;
Require providers, plans to self-identify, self-report and self-correct false claims and certain other non-compliance;
Increase the federal sentencing guidelines for health care fraud offenses by 20-50% for crimes that involve more than $1 million in losses;
Create penalties for obstructing a fraud investigation or audit;
Make it easier for the government to recapture any funds acquired through fraudulent practices;
Make it easier for the Department of Justice (DOJ) to investigate potential fraud or wrongdoing at facilities like nursing homes;
Under the risk-based provider enrollment rules, providers and suppliers wishing to take part in Medicare, Medicaid, and CHIP who federal officials view as posing a higher risk of fraud or abuse now must undergo licensure checks, site visits and other heightened scrutiny including ongoing monitoring as part of the new Automated Provider Screening (APS) system CMS implemented in December 2011. The APS uses existing information from public and private sources to automatically and continuously verify information submitted on a provider’s Medicare enrollment application including licensure status Secretary to impose a temporary moratorium on newly enrolling providers or suppliers of a particular type or in certain geographic areas if necessary to prevent or combat fraud, waste, and abuse.
Increased information sharing and coördination of investigations and enforcement among states, CMS, and its law enforcement partners at the Office of the Inspector General (OIG) and DOJ including the highly publicized activities of the Health Care Fraud Prevention and Enforcement Action Team (HEAT), a joint effort between HHS and DOJ to fight health care fraud.
The power of CMS, in consultation with OIG, to suspend Medicare payments and require States to suspend Medicaid and SCHIP payments to providers or suppliers during the investigation of a credible allegation of fraud;
The deployment and use of the sophisticated data collection and mining technologies of CMS’ new Fraud Prevention System, which since June 30, 2011 has used advanced predictive modeling technology to screen all Medicare fee-for-service claims before payment and target investigative resources on areas that this profile identifies as reflecting heightened risks of health care fraud vulnerability to allow regulators and prosecutors to more efficiently identify and respond to suspected fraudulent claims and emerging trends;
Focused fraud prevention, detection and enforcement activities on Home Health agencies, Durable Medical Equipment, Prosthetics, Orthotics, and Supplies (DMEPOS) suppliers and certain other categories of providers and suppliers that federal officials view as historically presenting heightened concerns;
Expansion of the overpayment detection and recovery activities ofthe Recovery Audit Contractor (RAC) program to Medicaid, Medicare Advantage, and Medicare Part D programs; and
Various other tools.

Health Plan Partnership Latest Wrinkle In Fed’s Efforts To Use Private Whistleblower & Other Resources To Find Fraud

The partnership with the health plans is the latest wrinkle in a growing network of private relationships and outreach that HHS and DOJ use to discover health care fraud. By partnering with health plans, HHS and DOJ have recruited the health plans to help federal officials find and redress potential fraud in public and private health plans.

HHS and DOJ already know the value of getting private citizens to watch for and report suspected illegal behavior. Indeed, extended qui tam and other whistleblower activities already are paying off big for federal officials. For example, a former executive’s qui tam claim helped bring about the settlement announced in June, 2012 under which Christus Spohn Health System Corporation recently paid more than $5 million to settle Justice Departmentclaims that it profited from violations of the False Claims Act by inappropriately admitted patients to inpatient status for outpatient procedures. The investigation leading to the settlement began in March 2008 after Christus – Shoreline’s former director of case management filed a lawsuit under seal under the qui tam provisions of the False Claims Act alleging the six hospitals were submitting false claims to the Medicare program by billing for services that should have been performed on an outpatient basis as if they were more expensive inpatient services. The allegations stated that these hospitals were routinely billing outpatient surgical procedures as if they required an inpatient level of care even though the patients often were discharged from the hospital in less than 24 hours. The federal False Claims Act empowers private citizens with knowledge of fraud against the United States to present those allegations to the United States by bringing a lawsuit on behalf of the United States under seal. If the government’s investigation substantiates those allegations, then the private citizen is entitled to share in any recovery. In this case, that person will receive 20% of the $5,100,481.74 recovery.

With qui tam and other reports of suspected fraud an increasingly frequent and valuable tool in the federal and state wars on health care fraud, officials have added a wide range of programs encouraging and in some cases financially rewarding individuals and businesses that report circumstances leading to fraud convictions. The partnership with health plans reflects the latest wrinkle in these efforts.

Health Plans Also Targeted For Federal Health Care Fraud & Other Enforcement

While welcoming federal efforts in their private war against health care fraud, private health insurers and other payers also need to prepare to defend their own practices against a separate but equally determined wave of federal enforcement of federal health plan laws against payers.

The debate leading up to and activities of the Obama Administration since the passage of the Affordable Care Act make clear that health plans also stand in the line of fire for enforcement by federal health care officials. With alleged excesses and abuses by health plans among the leading arguments used by administration officials and Congressional supporters to justify the passage of the Affordable Care Act’s insurance reforms, it should come as no surprise that federal regulators are aggressively moving to enforce federal health care regulations against health plans and insurers.

For instance, the Obama Administration has been very aggressive in its implementation of the “Medical Loss Ratio,” “Rate Review” and other features of the health care law it touts as holding insurers accountable and has widely publicized its efforts to use these provisions to force insurers to forego rate increases and make other changes. Recent audits of Medicare Advantage and other private health plans and payers by the HHS Office of Inspector General (OIG) have identified several areas of concern, according to OIG. OIG in February, 2012 issued a publication entitled Medicare Advantage Organizations’ Identification of Potential Fraud and Abuse that reports flawed performance by Medicare Advantage plans under both Part C and Part D with regard to the measurement, detection and implementation of corrective action and referral of potentially fraudulent or abusive practices. The report notes a “lack of common understanding of key fraud and abuse program terms and raise questions about whether all MA organizations are implementing their programs to detect and address potential fraud and abuse effectively.” See also e.g. Medicare Advantage Plans’ Fraud Oversight Weak, Says OIG.

Medicare Advantage Plans are not the only plans targeted for enforcement. For many years, CMS, the Department of Defense and other agencies have been stepping up oversight and enforcement of federal rules that prohibit discrimination by health plans against individuals also covered by Medicare, Medicaid, CHIP, PIP, Department of Defense TRICARE and other federal programs and requiring these plans to pay benefits primary to government program benefits. Sophisticated new electronic data reporting rules are enhancing the enforceability of these rules.

Meanwhile, private health plans also face increased exposures for noncompliance with other laws. As currently interpreted by the Internal Revenue Service, employer or other sponsors of group health plans that fail to comply with the portability rules of the Health Insurance Portability & Accountability Act (HIPAA), mental health parity, medical coverage continuation mandates of the Consolidated Omnibus Budget Reconciliation Act (COBRA) or Michelle’s Law, the genetic nondiscrimination requirements of the Genetic Information & Nondiscrimination Act (GINA) and a host of other laws have an obligation under Internal Revenue Code Section 5001 to self-det eect, self-report and self-assess and pay excise tax penalties even as these plans face federal civil liability from Employee Benefit Security Administration, HHS and private plaintiff actions. As the implementation of the Affordable Care Act, agency officials responsible for the enforcement of these laws are promising stepped up enforcement of these and other federal health plan regulations.

Health Care Providers & Health Plans Both Must Act To Manage Risks & Compliance

In response to the growing emphasis and effectiveness of Federal officials in investigating and taking action against health care providers and payers, both health plans and health care providers should take proper steps to help prevent, detect and timely redress health care fraud and other noncompliance exposures within their organization and to position their organization to respond and defend against potential investigations or charges. In light of the growing qui tam risks, these activities should include both comprehensive compliance review and oversight, as well as tightened internal investigation, exit interview and other human resources and business partner oversight, reporting and investigation policies and practices to help find and redress potential fraud or other qui tam, retaliation and similar exposures early and more effectively.

For Help or More Information

A board certified labor and employment attorney widely known for her extensive and creative knowledge and experienced with these and other employment, employee benefit and compensation matters, Ms. Stamer continuously advises and assists employers, employee benefit plans, their sponsoring employers, fiduciaries, insurers, administrators, service providers, insurers and others to monitor and respond to evolving legal and operational requirements and to design, administer, document and defend medical and other welfare benefit, qualified and non-qualified deferred compensation and retirement, severance and other employee benefit, compensation, and human resources, management and other programs and practices tailored to the client’s human resources, employee benefits or other management goals. A primary drafter of the Bolivian Social Security pension privatization law, Ms. Stamer also works extensively with management, service provider and other clients to monitor legislative and regulatory developments and to deal with Congressional and state legislators, regulators, and enforcement officials concerning regulatory, investigatory or enforcement concerns.

Recognized in Who’s Who In American Professionals and both an American Bar Association (ABA) and a State Bar of Texas Fellow, Ms. Stamer serves on the Editorial Advisory Board of Employee Benefits News, the editor and publisher of Solutions Law Press HR & Benefits Update and other Solutions Law Press Publications, and active in a multitude of other employee benefits, human resources and other professional and civic organizations. She also is a widely published author and highly regarded speaker on these matters. Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, Modern and many other national and local publications. You can learn more about Ms. Stamer and her experience, review some of her other training, speaking, publications and other resources, and registerto receive future updates about developments on these and other concerns from Ms. Stamer here.

Other Resources

If you found this update of interest, you also may be interested in reviewing some of the other updates and publications authored by Ms. Stamer available including:

Comments Off on New Health Plan Partnership, Data Sharing With Federal Health Care Fraud Enforcers Promises Greater Federal Oversight of Providers & Health Plans | Claims Administration, Employee Benefits, Employers, ERISA, Fiduciary Responsibility, Health Plans, Human Resources, Insurance, Mental Health | Tagged: Affordable Care Act, ERISA plans, Health Plans, Mandated Benefits, Mental Health, Mental Health Parity, MHPAEA | Permalink
Posted by Cynthia Marcotte Stamer

Leprino Foods To Pay $550K To Settle OFCCP Charge Pre-Hire Screening Test Illegally Discriminated

July 19, 2012

The consent decree between the U.S. Department of Labor’s Office of Federal Contract Compliance Program and Leprino Foods Inc. resolving charges of systemic hiring discrimination at the company’s Lemoore West facility signed today by an Labor Department administrative law highlights the growing aggressiveness of the Labor Department in challenging employment screening practices. The Leprino Foods case highlights the advisability of businesses judiciously determining and documenting in advance the valid business justification for employment screening procedures such as pre-employment tests and background screening.

Leprino Foods is one of the largest producers of mozzarella cheese in the world and is based in Denver, Colo. Since 2005, the company has received contracts totaling nearly $50 million from U.S. Department of Agriculture’s Farm Services Agency to provide mozzarella and other dairy products to the federal government. The Leprino Foods consent decree settles OFCCP’s allegations that Leprino Foods’ use of a pre-employment test called WorkKeys to select hires for on-call laborer positions illegally discriminated against discrimination against African-American job applicants and applicants of Asian and Hispanic descent.

OFCCP charged Leprino Foods violated Executive Order 11246, which prohibits federal contractors and subcontractors from discriminating on the bases of race, color, religion, sex and national origin in their employment practices. The agency made its findings after a scheduled compliance review in which OFCCP investigators conducted interviews, analyzed company data and reviewed documents provided by the company. Through this review, OFCCP discovered that the administration of the WorkKeys exam had an adverse impact on minority job applicants for these specific positions. The agency also found that the exam was not job-related, as it tested applicants’ skills in mathematics, locating information and observation – skills that the OFCCP felt were not critical to the entry-level tasks performed by on-call laborers, such as inspecting products, monitoring equipment and maintaining sanitation at the facility.

Under the terms of the consent decree, Leprino will pay $550,000 in back wages, interest and benefits to 253 minority workers who were rejected for on-call laborer positions between January 2005 and October 2006 because they failed the WorkKeys exam. Additionally, the company has agreed to discontinue use of the test for this purpose, hire at least 13 of the original class members, undertake extensive self-monitoring measures and immediately correct any discriminatory practices.

One of a growing number of challenges by the Obama Administration to pre-hire screening and credentialing procedures by employers as illegally discriminatory, the settlement reminds business leaders of the growing aggressiveness by the Obama Administration in challenging a broad range of pre-hire screening procedures such as pre-employment skills and other testing, background checks or the like. In addition to challeging tests like that use by Leprino Foods, the OFCCP and EEOC under the Obama Administration also are challenging criminal background and other screening procedures.

In the face of these enforcement activities, businesses desiring to use these or other screening procedures should take steps to position themselves to defend against likely challenges and scrutiny.

As part of these efforts, businesses should exercise care to conduct and retain carefully conducted and well documented analysis of the legitimate business justification for their use of tests, background checks or other credentialing procedures. This analysis and documentation should be conducted prior to the implementation and use of these procedures to minimize the likely that the “after acquired evidence rule” or other similar arguments might be used to undermine the admissibility and effectiveness of these business justification arguments. Businesses also should implement procedures to monitor for potential evidence of adverse impact or other improper bias against candidates in protected employment classes by the tests themselves or in their administration and implement well-documented processes to control for such bias.

Comments Off on Leprino Foods To Pay $550K To Settle OFCCP Charge Pre-Hire Screening Test Illegally Discriminated | Employers, Health Plans, HIPAA, Human Resources, Insurance | Tagged: background check, EEOC, employment discrimination, Government Contractors, Human Resources, OFCCP, Pre-Hire Tests, Prehiring Screening | Permalink
Posted by Cynthia Marcotte Stamer

Update Health Plans For Expanded MHPAEA & Health Care Reform Mental Health Mandates

July 15, 2012

With attention heavily focused on the health care reform mandates of the Patient Protection & Affordable Care Act (ACA), many employer and union sponsored group health plans are underestimating plan costs and risking significant liability from outdated mental health and substance abuse coverage rules to comply with the mental health parity mandates of the Paul Wellstone and Pete Domenici Mental Health Parity and Addiction Equity Act of 2008 (MHPAEA).

Although covered group health plans and issuers generally have been required to comply with the statutory provisions of the MHPAEA for all plan years beginning after October 2, 2009 and with the interim final regulations jointly issued by the Departments of Labor, Treasury and Health and Human Services for all plan years beginning after June 30, 2010, many employer or other plan sponsors have yet to properly update their health plan documents, claims and appeals processes, summary plan descriptions and other communications to comply with these MHPAEA mental health benefit mandates or a myriad of other changes to federal health plan rules that already are effective. Violations of these mandates can result Labor Department or private plaintiff lawsuits, requiring the health plan to pay benefits not budgeted for and in some cases, not covered by stop loss or other insurance, as well as Internal Revenue Service and other penalties, as well as attorneys’ fees and other costs of defense.

Solutions Law Press, Inc. invites you to catch up on what private employer and union health plans, their sponsors, fiduciaries and administrators need to do to update and administer their group health plans to comply with MHPAEA and other federal health plan mandates in addition to updating their health plans in response to the ACA requirements already effective or scheduled to take effect in upcoming months by participating in person or via WebEx in the “2012 Health Plan Update Workshop” on July 24, 2012.

Many Health Plans Need Update For MHPAEA & Other Federal Mental Health Mandates

The MHPAEA supplemented the previously enacted mental health parity requirements enacted under the Mental Health Parity Act of 1996 (MHPA).

For plans and policies subject to its provisions, the MHPAEA as implemented by the Departments’ interim final rules generally prohibit group health plans or group health insurance issuers from imposing financial or quantitative requirements (such as a copayment or coinsurance) or a quantitative treatment limitation (such as a limit on the number of outpatient visits or inpatient days covered) on mental health or substance use disorder benefits in any of 6 classifications that is more restrictive than those that apply to medical/surgical benefits in the same classification. Thus, if a plan generally applies a $25 copayment to at least 2/3 of outpatient, in-network, medical/surgical benefits, a higher copayment could not be imposed on outpatient, in-network mental health or substance use disorder benefits.

In addition to financial requirements and quantitative treatment limitations, plans and issuers often impose nonquantitative treatment limitations, such as:

Medical management standards limiting or excluding benefits based on medical necessity or medical appropriateness, or based on whether a treatment is experimental or investigative;
Formulary design for prescription drugs;
Standards for provider admission to participate in a network, including reimbursement rates;
Plan methods used to determine usual, customary, and reasonable fee charges;
Refusal to pay for higher-cost therapies until it can be shown that a lower-cost therapy is not effective (also known as fail-first policies or step therapy protocols); and
Exclusions based on failure to complete a course of treatment.

Since it released interim regulations, the Departments have published a series of FAQ guidance that answers various questions about interim final rules and taken other steps to promote awareness and understanding of the MHPAEA, as well as taken other steps to prepare for its enforcement.

Despite the availability of this guidance, many employer and other health plan sponsors, fiduciaries and administrators have not updated their health plans to comply with the MHPAEA guidance.

Attention focused on the political fights and regulatory demands of ACA and an often unwarranted assumption of the compliance adequacy of plan designs and documentation provided by insurers, administrators and other professional service providers have lead many employer and other health plan sponsors, their health plan fiduciaries and administrators to fail to make legally required or otherwise needed changes. These oversights are exposing many plans and their sponsors to unanticipated costs and potentially significant liability by failing to appropriately update their plans documentation, communications and procedures to comply with evolving mandates such as the mental health parity requirements of the MHPAEA as implemented by evolving guidance.

Following the release of updates to the MHPAEA portion of the Employer Self Compliance Tool here by the Department of Labor Employee Benefit Security Administration (EBSA) last week and with mental health benefits among those that ACA specifically identifies as an “essential benefit,” employer and union health plans, their sponsors, fiduciaries and administrators should expect greater scrutiny of their plans compliance with federal mental health parity mandates by updating their health plans’ mental health and substance abuse provisions in response to the MHPAEA and other federal mandates.

7/24 Workshop Provides Update on MHPAEA & Other Health Plan Mandates

Solutions Law Press, Inc. invites you to catch up on the latest MHPAEA and other federal requirements impacting employer and union sponsored group health plans under ACA and other federal health plan regulations by participating in “Coping With Health Care Reform: 2012 Health Plan Update Workshop on Tuesday, July 24, 2012. Participants may choose to attend the live briefing in Addison, Texas or participate via WebEx for a registration fee of $125.00. To register or for more information, see here.

For Help or More Information

A board certified labor and employment attorney widely known for her extensive and creative knowledge and experienced with these and other employment, employee benefit and compensation matters, Ms. Stamer continuously advises and assists employers, employee benefit plans, their sponsoring employers, fiduciaries, insurers, administrators, service providers, insurers and others to monitor and respond to evolving legal and operational requirements and to design, administer, document and defend medical and other welfare benefit, qualified and non-qualified deferred compensation and retirement, severance and other employee benefit, compensation, and human resources, management and other programs and practices tailored to the client’s human resources, employee benefits or other management goals. A primary drafter of the Bolivian Social Security pension privatization law, Ms. Stamer also works extensively with management, service provider and other clients to monitor legislative and regulatory developments and to deal with Congressional and state legislators, regulators, and enforcement officials concerning regulatory, investigatory or enforcement concerns.

Other Resources

If you found this update of interest, you also may be interested in reviewing some of the other updates and publications authored by Ms. Stamer available including:

Comments Off on Update Health Plans For Expanded MHPAEA & Health Care Reform Mental Health Mandates | Claims Administration, Employee Benefits, Employers, ERISA, Fiduciary Responsibility, Health Plans, Human Resources, Insurance, Mental Health | Tagged: Affordable Care Act, ERISA plans, Health Plans, Mandated Benefits, Mental Health, Mental Health Parity, MHPAEA | Permalink
Posted by Cynthia Marcotte Stamer

OCR Hits Alaska Medicaid For $1.7M+ For HIPAA Security Breach

June 26, 2012

The Alaska State Medicaid Agency, the Alaska Department of Health and Social Services (DHSS) will pay the U.S. Department of Health and Human Services’ (HHS) $1,700,000 to settle possible violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule. Alaska DHSS also has agreed to take corrective action to properly safeguard the electronic protected health information (ePHI) of their Medicaid beneficiaries.

The first HIPAA Resolution Agreement that the HHS Office for Civil Rights (OCR) has reached a state agency, the Resolution Agreement second announced Resolution Agreement stemming from a unsecured protected health information breach report filed in response to the breach notification rules of the Health Information Technology for Economic and Clinical Health (HITECH) Act. Earlier this year, OCR announced its first Resolution Agreement involving a health plan resulted from a breach notification report it had filed under the HITECH Act. See $1.5 Million HIPAA Settlement Reached To Resolve 1st OCR Enforcement Action Prompted By HITECH Act Breach Report.

OCR opened the investigation leading to the Resolution Agreement after Alaska DHSS filed a breach report that indicated that a portable electronic storage device (USB hard drive) possibly containing ePHI was stolen from the vehicle of a DHSS employee. Over the course of the investigation, OCR found evidence that DHSS did not have adequate policies and procedures in place to safeguard ePHI. Further, the evidence indicated that DHSS had not completed a risk analysis, implemented sufficient risk management measures, completed security training for its workforce members, implemented device and media controls, or addressed device and media encryption as required by the HIPAA Security Rule. Inadequacies by covered entities in safeguarding protected health information and laptops and other devices containing ePHI is a common compliance concern according to OCR statistics.

In addition to the $1,700,000 settlement, the agreement includes a corrective action plan that requires Alaska DHSS to review, revise, and maintain policies and procedures to ensure compliance with the HIPAA Security Rule. A monitor will report back to OCR regularly on the state’s ongoing compliance efforts.

OCR’s announcement highlights the need for covered entities not only to take proper steps to establish and administer appropriate policies and safeguards to protect protected health information and EHI, but also to prepare, update as needed and be prepared to produce documentation showing their oganizations actions to evaluate, monitor and maintain appropriate safeguards of ePHI and the operating systems and devices that contain this information.

“Covered entities must perform a full and comprehensive risk assessment and have in place meaningful access controls to safeguard hardware and portable devices,” said OCR Director Leon Rodriguez. “This is OCR’s first HIPAA enforcement action against a state agency and we expect organizations to comply with their obligations under these rules regardless of whether they are private or public entities.”

The HHS Resolution Agreement can be viewed here.

Enforcement Actions Highlight Growing HIPAA Exposures For Covered Entities

The Alaska Medicaid Resolution Agreement is the latest in a growing list of Resolutions Agreements highlighting the mounting exposures that health care providers, health plans, health care clearinghousesand their business associates face if required to file a large breach notification or otherwise charged with failing to appropriately manage their HIPAA responsibilities. See Arizona Physician Group Pays $100K To Settle HIPAA Charges; $1.5 Million HIPAA Settlement Reached To Resolve 1st OCR Enforcement Action Prompted By HITECH Act Breach Report; HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website. As OCR leaders have indicated that OCR investigates all large breach notification filings made under the HITECH Act Breach Notification Rules and with more than 450 large breach notifications reported on its website, additional Resolution Agreements are expected in coming months even as covered entities and their business associates are awaiting the impending issuance of updated HIPAA regulations.

In light of these and other developments and risks, covered entities and their business associates should move to audit and strengthen their HIPAA compliance and documentaiton and adopt other suitable safeguards to minimize HIPAA exposures.

In response to these expanding exposures, all covered entities and their business associates should review critically and carefully the adequacy of their current HIPAA Privacy and Security compliance policies, monitoring, training, breach notification and other practices taking into consideration OCR’s investigation and enforcement actions, emerging litigation and other enforcement data; their own and reports of other security and privacy breaches and near misses, and other developments to determine if additional steps are necessary or advisable.

For more information about the PCS Resolution Agreement and HIPAA compliance and risk management tips, see here.

In response to these expanding exposures, all covered entities and their business associates should review critically and carefully the adequacy of their current HIPAA Privacy and Security compliance policies, monitoring, training, breach notification and other practices taking into consideration OCRâ€™s investigation and enforcement actions, emerging litigation and other enforcement data; their own and reports of other security and privacy breaches and near misses, and other developments to determine if additional steps are necessary or advisable.

For Representation, Training & Other Resources

You can get more information about her HIPAA and other experience here.

If you need help investigating or responding to a known or suspected compliance, litigation or enforcement or other risk management concern, assistance with reviewing, updating, administering or defending a current or proposed employment, employee benefit, compensation or other management practice, wish to inquire about federal or state regulatory compliance audits, risk management or training, or need legal representation on other matters please contact Ms Stamer here or at (469) 767-8872.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information â€“ including your preferred e-mail â€“ by creating or updating your profile here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word â€œRemoveâ€ in the Subject to here.

Comments Off on OCR Hits Alaska Medicaid For $1.7M+ For HIPAA Security Breach | Employers, Health Plans, HIPAA, Human Resources, Insurance | Tagged: Health Plans, HIPAA, OCR, Privacy, Resolution agreement | Permalink
Posted by Cynthia Marcotte Stamer

Labor Department Annual Self-Insured Health Plan Report To Congress Released

May 3, 2012

The U.S. Department of Labor (Labor Department) submitted to Congress its 2012 Annual Report on Self-Insured Group Health Plans (2012 HP Report) today (May 4, 2012).

The 2012 HP Report is the second the Labor Department has prepared to comply with the requirement of Section 1253 of the Patient Protection and Affordable Care Act (the “Affordable Care Act”) that the Labor Secretart prepare an aggregate annual report that includes certain general information on self-insured group health plans using data collected from the Annual Return/Report of Employee Benefit Plan (the “Form 5500”), as well as certain data from financial filings of self-insured employers.

The Labor Department provided the the first report, Annual Report on Self-Insured Group Health Plans, March 2011 (March 2011 Report)to Congress in March 2011.

Section I of the 2012 HP Report presents aggregate statistics describing self-insured plans that file a Form 5500 – generally, private-sector employee health plans that cover 100 or more participants or hold assets in trust.

Section II of the 2012 HP Report presents certain available financial information on employers that sponsor such plans. Section III shares various Labor Department conclusions relating to the 2012 HP Report data.

Along with the 2012 HP Report, the Labor Department also included two additional documents as Appendixes:

Appendix A, Group Health Plans Report: Abstract of 2009 Form 5500 Annual Reports Reflecting Statistical Year Filings, provides detailed statistics describing group health plans that file a Form 5500; and
Appendix B, Self-Insured Health Benefit Plans 2012, presents a study that explores statistical issues associated with Form 5500 health plan data and analyzes available data on the financial status of employers that sponsor group health plans filing the Form 5500.

The 2012 HP Report shares and discusses various implications of statistics relating to practices and other elements of self-insured plans. Among other things, the 2012 HP Report indicates that Sponsors of self-insured plans generally bear the risk associated with paying their plans’ covered health expenses. In contrast, sponsors of fully-insured plans generally pay premiums to insurers and transfer all such risk to them. Some sponsors retain the risk for a subset of benefits, but transfer the risk for the remaining benefits to health insurers – that is, they finance their plans’ benefits using a mixture of self-insurance and insurance.

A complete copy of the Report is available for review here.

For Help or More Information

If you need additional information about Affordable Care Act or other help with reviewing and updating, administering or defending your group health or other employee benefit, human resources, insurance, health care matters or related documents or practices, please contact the author of this update, Cynthia Marcotte Stamer.

A board certified labor and employment attorney widely known for her extensive and creative knowledge and experienced with these and other employment, employee benefit and compensation matters, Ms. Stamer continuously advises and assists employers, employee benefit plans, their sponsoring employers, fiduciaries, insurers, administrators, service providers, insurers and others to monitor and respond to evolving legal and operational requirements and to design, administer, document and defend medical and other welfare benefit, qualified and non-qualified deferred compensation and retirement, severance and other employee benefit, compensation, and human resources, management and other programs and practices tailored to the client’s human resources, employee benefits or other management goals. A primary drafter of the Bolivian Social Security pension privatization law, Ms. Stamer also works extensively with management, service provider and other clients to monitor legislative and regulatory developments and to deal with Congressional and state legislators, regulators, and enforcement officials concerning regulatory, investigatory or enforcement concerns.

Recognized in Who’s Who In American Professionals and both an American Bar Association (ABA) and a State Bar of Texas Fellow, Ms. Stamer serves on the Editorial Advisory Board of Employee Benefits News, the editor and publisher of Solutions Law Press HR & Benefits Update and other Solutions Law Press Publications, and active in a multitude of other employee benefits, human resources and other professional and civic organizations. She also is a widely published author and highly regarded speaker on these matters. Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, Modern Health Care and many other national and local publications. You can learn more about Ms. Stamer and her experience, review some of her other training, speaking, publications and other resources, and register to receive future updates about developments on these and other concerns from Ms. Stamer here.

Other Resources

If you found this update of interest, you also may be interested in reviewing some of the other updates and publications authored by Ms. Stamer available including:

For important information concerning this communication click here. THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TOU.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS. ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.

Comments Off on Labor Department Annual Self-Insured Health Plan Report To Congress Released | Affordable Care Act, Employee Benefits, Employers, ERISA, Health Plans, Human Resources, Insurance, Uncategorized | Tagged: Affordable Care Act, Health Plans, self-insured health plans | Permalink
Posted by Cynthia Marcotte Stamer

Latest $100,000 HIPAA Resolution Agreement Nails Physician Group,

April 17, 2012

The $100,000 settlement with an Arizona-based physician group announced today by the Department of Health & Human Services (HHS) Office of Civil Rights (OCR) under the Health Insurance Portability & Accountability Act of 1996 (HIPAA) demonstrates the need for all health care providers, health plans, health care clearinghouses (covered entities) and their business associates to maintain appropriate HIPAA compliance and risk management procedures and documentation.

Arizona-based Phoenix Cardiac Surgery, P.C. (PCS) will pay the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) a $100,000 settlement and take corrective action to implement policies and procedures to safeguard the protected health information of its patients to settle OCR charges PCS violated the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules. Health care providers and other HIPAA-covered entities should heed the PSC and other recent settlements as the latest signal of the risks that health care providers and other covered entities run by failing to adequately implement and administer appropriate HIPAA compliance practices.

The PCS settlement follows an extensive OCR investigation of a report that PCS posted clinical and surgical appointments for its patients on a publically accessible Internet-based calendar. Among other things, the Resolution Agreement documenting the PCS settlement states that OCRâ€™s investigation found that the persistent failure by PCS to adopt HIPAA required policies and safeguards, maintain required business associate agreements, and conduct necessary workforce training resulted in the prohibited posting of more than 1,000 separate entries of ePHI on a publicly accessible, Internet-based calendar and business associates improperly receiving and maintaining PHI and ePHI without the protection of required business associate agreements.

Under the PCS HHS Resolution Agreement available here, PCS will pay a $100,000 settlement amount and a corrective action plan that includes a review of recently developed policies and other actions taken to come into full compliance with the Privacy and Security Rules. Like the $1,500,000 Blue Cross Blue Shield of Tennessee (BCBST) Resolution Agreement announced last month, the PCS shows OCRâ€™s readiness to sanction health care providers and other covered entities of all sizes for violations of HIPAA.

Enforcement Actions Highlight Growing HIPAA Exposures For Covered Entities

Like the BCBST Resolution Agreement and other previously announced OCR Resolution Agreements, the PCS provides more evidence of the growing exposures that health care providers, health plans, health care clearinghouses and their business associates need to carefully and appropriately manage their HIPAA responsibilities. See $1.5 Million HIPAA Settlement Reached To Resolve 1st OCR Enforcement Action Prompted By HITECH Act Breach Report; HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website. Covered entities are urged to heed these warning by strengthening their HIPAA compliance and adopting other suitable safeguards to minimize HIPAA exposures.

In the face of rising enforcement and fines, OCRâ€™s initiation of HIPAA audits and other recent developments, covered entities and their business associates should tighten privacy policies, breach and other monitoring, training and other practices to reduce potential HIPAA exposures in light of recently tightened requirements and new enforcement risks.

In response to these expanding exposures, all covered entities and their business associates should review critically and carefully the adequacy of their current HIPAA Privacy and Security compliance policies, monitoring, training, breach notification and other practices taking into consideration OCRâ€™s investigation and enforcement actions, emerging litigation and other enforcement data; their own and reports of other security and privacy breaches and near misses, and other developments to determine if additional steps are necessary or advisable.

For more information about the PCS Resolution Agreement and HIPAA compliance and risk management tips, see here.

For Representation, Training & Other Resources

Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.

Scheduled to serve as the scribe for the ABA Joint Committee on Employee Benefits agency meeting with OCR, Ms. Stamer also regularly works with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. For instance, Ms. Stamer for the second year will serve as the appointed scribe for the ABA Joint Committee on Employee Benefits Agency meeting with OCR. Her insights on HIPAA risk management and compliance frequently appear in medical privacy related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others.

You can get more information about her HIPAA and other experience here.

DC Court Enjoins Implementation of NLRB Poster Rule

Orthofix Medical Device Exec Awaits Sentencing After Pleading Guilty To Violating Anti-Kickback Law

Health Care Providers Also Should Guard Against Rising Exposures To State Health Care Fraud & Other Enforcement Risks

Director of Texas Office of e-Health Coodination To Discuss Texas HIE Strategy in 3/14 HHS Sponsored Teleconference

Halfway House Owner Gets 24 Months Imprisonment For Health Care Fraud & Kickback Conviction

Health Plans Should Act Quickly To Prepare Affordable Care Act Required Summary of Benefits & Communications & Update Other Health Plan Communications

NLRB Report Shows Rise In Unfair Labor Practice Complaints & Formal Proceedings

Sullivan University System to Pay $483,000 in Back Wages Overtime Violations Stemming From Worker Misclassifications

New DOL Final Rules Tighten Requirements For Employers To Hire Alien Workers Using H-2B Visas

OSHA $1Million Award Against AirTran Airways Highlights Retaliation Risks

HHS Chides Trustmark Life Insurance Company For â€œExcessiveâ€ Health Premium Increases After Affordable Care Act Rate Audit

Labor Department Final Rule Defines Recreation Vehicle For Longshore & Harbor Workersâ€™ Compensation Act

Portion of Health Care Costs Paid By Government Programs Rose As Employer Provided & Other Private Health Care Coverage Declined In 2010

Help Careflite Celebrate New Facility 1/11

Careflite Dedicates New Facility January 11, 2012

Manufacturerâ€™s Excessive I-9 Documentation Triggers Discrimination Liability

Comments Off on Latest $100,000 HIPAA Resolution Agreement Nails Physician Group, | Employers, Health Plans, HIPAA, Human Resources, Insurance | Tagged: Health Plans, HIPAA, OCR, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

Small Employers Should Evaluate Eligibility For Small Business Health Care Tax Credit

March 14, 2012

Small employers that provide health insurance coverage to their employees should consider whether they qualify for and should claim the small business health care tax credit authorized by Congress as part of the Patient Protection and Affordable Care Act (Affordable Care Act).

The small business health care tax credit enacted two years ago may provide a tax credit for certain small employers that pay at least half of the premiums for employee health insurance coverage under a qualifying arrangement may be eligible for this credit. The credit is specifically targeted to help small businesses and tax-exempt organizations provide health insurance for their employees.

Depending upon how they are structured, eligible small employers are likely subject to one of the following three tax-filing deadlines, which fall in coming weeks:

March 15: Corporations that file on a calendar year basis can figure the credit on Form 8941 and claim it as part of the general business credit on Form 3800, both of which are attached to their corporate income tax return.
April 17: Individuals have until April 17 to complete and file their returns on Form 1040. This includes Sole proprietors, as well as people who have business income reported to them on Schedules K-1—partners in partnerships, S corporation shareholders and beneficiaries of estates and trusts. They also attach Forms 8941 and 3800 to their return. The resulting credit is entered on Form 1040 Line 53.
May 15: Tax-exempt organizations that file on a calendar year basis can use Form 8941 and then claim the credit on Form 990-T, Line 44f.

Taxpayers needing more time to determine eligibility might consider obtaining an automatic tax-filing extension, usually for six months. See Form 4868 for individuals, Form 7004 and its instructions for businesses and Form 8868 for tax-exempt organizations.

Businesses that have already filed and later find that they qualified in 2010 or 2011 can still claim the credit by filing an amended return for one or both years. Corporations use Form 1120X, individuals use Form 1040X and tax-exempt organizations use Form 990-T.

Some businesses and tax-exempt organizations that already locked into health insurance plan structures and contributions may not have had the opportunity to make any needed adjustments to qualify for the credit for 2010 or 2011. These employers can still make the necessary changes to their health insurance plans so they qualify to claim the credit on 2012 returns or in years beyond. Eligible small employers can claim the credit for 2010 through 2013 and for two additional years beginning in 2014.

The recently-revamped Small Business Health Care Tax Credit page on IRS.gov provides additional information and resources designed to help small employers see if they qualify for the credit and then figure the amount of the credit, if any, that the employer qualifies to claim. These include a step-by-step guide for determining eligibility, examples of typical tax savings under various scenarios, answers to frequently-asked questions, a YouTube video and a webinar.

For More Information Or Assistance

If you need help reviewing or updating your health benefit program for compliance with ACA or other laws or with any other employment, employee benefit, compensation or internal controls matter, please contact the author of this article, attorney Cynthia Marcotte Stamer.

A 2011 inductee to the American College of Employee Benefits Council, immediate past-Chair and current Welfare Benefit Committee Co-Chair of the American Bar Association (ABA) RPPT Employee Benefits & Other Compensation Arrangements, an ABA Joint Committee on Employee Benefits Council Representative, the ABA TIPS Employee Benefit Plan Committee Vice Chair, former ABA Health Law Section Managed Care & Insurance Interest Group Chair, past Southwest Benefits Association Board Member, Employee Benefit News Editorial Advisory Board Member, and a widely published speaker and author, Ms. Stamer has more than 24 years experience advising businesses, plans, fiduciaries, insurers. plan administrators and other services providers, and governments on health care, retirement, employment, insurance, and tax program design, administration, defense and policy. Nationally and internationally known for her creative and highly pragmatic knowledge and work on health benefit and insurance programs, Ms. Stamer’s experience includes extensive involvement in advising and representing these and other clients on ACA and other health care legislation, regulation, enforcement and administration.

Widely published on health benefit and other related matters, Ms. Stamer’s insights and articles have appeared in HealthLeaders, Modern Health Care, Managed Care Executive, the Bureau of National Affairs, Aspen Publishers, Business Insurance, Employee Benefit News, the Wall Street Journal, the American Bar Association, Aspen Publishers, World At Work, Spencer Publications, SHRM, the International Foundation, Solutions Law Press and many others.

For additional information about Ms. Stamer and her experience, see www.CynthiaStamer.com.

Comments Off on Small Employers Should Evaluate Eligibility For Small Business Health Care Tax Credit | 105(h), Affordable Care Act, CHIP, COBRA, Employee Benefits, Employers, Employment Tax, ERISA, Excise Tax, Fiduciary Responsibility, FMLA, Health Care Reform, Health Plans, HIPAA, Human Resources, Income Tax, Insurance, Malpractice, Medicare Part D, Mental Health, Mental Health Parity, Patient Empowerment, Patient Protection and Affordable Care Act, Payroll Tax, Preemption, Prescription Drugs, Protected Health Information, Reporting & Disclosure, Tax Credit, Wellness Programs | Tagged: ACA, Health Plans, small business health plan credit | Permalink
Posted by Cynthia Marcotte Stamer

HHS Chides Trustmark Life Insurance Company For “Excessive” Health Premium Increases After Affordable Care Act Rate Audit

January 12, 2012

Trustmark Life Insurance Company is the latest health insurance issuer coming under fire from the Department of Health & Human Services (HHS) for making what HHS views as “unreasonable” health insurance premium increases under its new “rate review” powers created by the Patient Protection & Affordable Care Act (Affordable Care Act).

HHS Secretary Kathleen Sebelius announced today (January 12, 2012) HHS considers to be unreasonable premium rate increases proposed by Trustmark Life Insurance Company in five states—Alabama, Arizona, Pennsylvania, Virginia, and Wyoming. According to HHS, the allegedly excessive rate hikes would affect nearly 10,000 residents across these five states.

According to HHS, a review of the health insurance premium disclosures filed by Trustmark Life Insurance Company here found that Trustmark has raised rates by 13 percent in these five states. For small businesses in Alabama and Arizona, when combined with other rate hikes made over the last 12 months, HHS claims rates have increased by 27.2 percent and 18.1 percent, respectively. According to HHS, HHS says that an independent review engaged by HHS found that the rate increases were unreasonable because the insurer “would be spending a low percent of premium dollars on actual medical care and quality improvements, and because the justifications were based on unreasonable assumptions.” HHS is calling upon Trustmark Health Insurance Company to rescind the rates and issue rebates to consumers or publically explain its refusal to do so. The new rate review procedures allow Trustmark Health Insurance Company and other carriers accused by HHS of making unreasonable rate increases various options to dispute the charges

The rate review and reduction demand by HHS reflects its efforts to use its “rate review” authority from the Affordable Care Act to discourage health insurers from raising health insurance premiums by more than 10 percent. HHS requires health insurers to notify HHS of rate increases over 10 percent and justify these increases. HHS generally views health insurance premium increases of more than 10 percent as unreasonable. Under these new rate review powers,

Under the new rate review rules, HHS has the power to review proposed rate reviews and to report its findings but does not have the direct authority to force health insurers to limit premium increases to less than 10 percent or to impose legal or administrative sanctions directly against insurers for making what HHS views as unreasonable premium increases. However, as many as 37 states have the authority to regulate or reject unreasonable premium increases. In the absence of direct authority to regulate insurer rates, HHS uses its ability to publicize its rate review determinations to invite state regulators and the public to apply pressure to insurers to keep down rate increases.

In today’s announcement, HHS credits its new rate review powers with helping to prevent health insurance premium increases, According to HHS, states with the power to regulate insurer premiums increasingly are using this authority. Examples of how states have used this authority include:

In New Mexico, the state insurance division denied a request from Presbyterian Healthcare for a 9.7 percent rate hike, lowering it to 4.7 percent;
In Connecticut, the state stopped Anthem Blue Cross Blue Shield, the state’s largest insurer, from hiking rates by a proposed 12.9 percent, instead limiting it to a 3.9 percent increase;
In Oregon, the state denied a proposed 22.1 percent rate hike by Regence, limiting it to 12.8 percent.
In New York, the state denied rate increases from Emblem, Oxford, and Aetna that averaged 12.7 percent, instead holding them to an 8.2 percent increase.
In Rhode Island, the state denied rate hikes from United Healthcare of New England ranging from 18 to 20.1 percent, instead seeing them cut to 9.6 to 10.6 percent.
In Pennsylvania, the state held Highmark to rate hikes ranging from 4.9 to 8.3 percent, down from 9.9 percent.

Targeting health insurers proposing rate increases of 10 or more percent is likely to result in a significant number of reviews. A Kaiser Family Foundation Employer Health Benefits 2011 Annual Survey found average premiums increased 8% for single coverage and 9% for family coverage through May, 2011.

Companies that HHS finds have made excessive rate increases can either reduce their rate hikes or post a justification on their website within 10 days of the rate review determination.

For More Information Or Assistance

For additional information about Ms. Stamer and her experience, see www.CynthiaStamer.com.

Comments Off on HHS Chides Trustmark Life Insurance Company For “Excessive” Health Premium Increases After Affordable Care Act Rate Audit | 105(h), Affordable Care Act, CHIP, COBRA, Employee Benefits, Employers, Employment Tax, ERISA, Excise Tax, Fiduciary Responsibility, FMLA, Health Care Reform, Health Plans, HIPAA, Human Resources, Income Tax, Insurance, Malpractice, Medicare Part D, Mental Health, Mental Health Parity, Patient Empowerment, Patient Protection and Affordable Care Act, Payroll Tax, Preemption, Prescription Drugs, Protected Health Information, Reporting & Disclosure, Tax Credit, Wellness Programs | Permalink
Posted by Cynthia Marcotte Stamer

Group Health Plans & Insurer To Get More Time To Meet Affordable Care Act Summary of Benefits and Coverage Requirements

December 7, 2011

Delayed Deadline Allows Much Needed Time To Continue Preparations

Group health plans and insurers, their sponsors, fiduciaries, administrators and other services providers are getting more time to comply with the Affordable Care Act’s new Summary of Benefits and Coverage (“SBC”) mandate beyond the March 23, 2012 deadline originally set forth in the Proposed Regulations jointly published by the U.S. Departments of Health and Human Services (HHS), Labor and the Treasury (the Departments). Plans, their insurers and administrators should make good use of this time to continue the time consuming planning and preparations expected to be required to comply with the final rules.

As amended by the Affordable Care Act, Public Health Service Act (“PHS Act”) § 2715 PHS requires group health plans and health insurance issuers to provide a “Summary of Benefits and Coverage” and “Uniform Glossary” meeting standards developed by the Departments.

In August, 2011, the Departments jointly published proposed regulations and accompanying templates detailing the content, format, supplements and other requirements that they proposed requiring health plans and health insurers to meet to satisfy the SBC requirements.

If implemented in final form as proposed, group health plans and insurers, their sponsors, administrators and fiduciaries can expect that significant work will be required to evaluate and prepare the SBC and associated adjustments to plan documents, summary plan descriptions and other materials and practices that are likely to be required in response to the new requirements. Since health plan documents and insurance contracts are unlikely to already use the same definitions as the SBC regulations require be used in the Glossary, group health insurers and self-insured group health plans, their sponsors, fiduciaries and other administrators generally will want to review and adjust definitions and other plan document and insurance cotnract provisions to eliminate inconsistencies and address other concerns. Likewise, adjustments to summary plan descriptions, certificates of benefits and other communication materials also likely will be needed. Furthermore, most health insurers and group health plan may want to reevaluate claims and other cost and reserve projections and consider other adjustments in response to potential implications of these adjustments.

As originally proposed by the Departments, health plans and issuers faced a March 23, 2012 deadline to begin complying with the SBC rules. Since August, 2011, we and various other attorneys from the American Bar Association RPTE and Tax leadership, as well as others have shared concerns with representatives of the Departments about the compliance deadlines and other aspects of the Proposed Rules. New guidance released by the Departments in November reflects that the Departments are taking this input to heart.

According to joint guidance issued by the Departments in November, the health plans and insurers will not be expected to comply by March 23. Frequently Asked Question (FAQ) guidance jointly issued by the Departments indicates that health plans and health insurers will not be required to comply with the SBC mandate until after the Departments issue finalize regulations.

According to the FAQ, the Departments’ final regulations, once issued, will include an applicability date that allows group health plans and health insurance issuers “sufficient time to comply.” The FAQ does not indicate when the Departments expect to publish final regulations or the length of the period following this publication that the Departments anticipate health plans and issuers will have to come into compliance.

This news provides welcome relief for group health plans and insurers, and the employers, administrators and others working to update and administer group health plans in response to the Affordable Care Act. Health plans, insurers, their sponsors, administrators and service providers are cautioned to make good use of this added time to begin preparing to respond quickly when regulations are finalized. While the Departments are expected to make various refinements when finalizing the regulations beyond adjusting the compliance deadline, plans and insurers are expected to be required to engage in significant planning and other preparations to meet the revised rules. In light of this, health insurers and group health plans, their sponsors, administrators and fiduciaries generally are advised to continue these preparations based upoln the guidance set forth in the proposed regulations so that they can be prepared to respond in a timely fashion to the final regulations.

For Help or More Information

A board certified labor and employment attorney widely known for her extensive and creative knowledge and experienced with these and other employment, employee benefit and compensation matters, Ms. Stamer continuously advises and assists employers, employee benefit plans, their sponsoring employers, fiduciaries, insurers, administrators, service providers, insurers and others to monitor and respond to evolving legal and operational requirements and to design, administer, document and defend medical and other welfare benefit, qualified and non-qualified deferred compensation and retirement, severance and other employee benefit, compensation, and human resources, management and other programs and practices tailored to the client’s human resources, employee benefits or other management goals. A primary drafter of the Bolivian Social Security pension privatization law, Ms. Stamer also works extensively with management, service provider and other clients to monitor legislative and regulatory developments and to deal with Congressional and state legislators, regulators, and enforcement officials concerning regulatory, investigatory or enforcement concerns.

Other Resources

If you found this update of interest, you also may be interested in reviewing some of the other updates and publications authored by Ms. Stamer available including:

About Solutions Law Press

Comments Off on Group Health Plans & Insurer To Get More Time To Meet Affordable Care Act Summary of Benefits and Coverage Requirements | 105(h), Affordable Care Act, CHIP, COBRA, Employee Benefits, Employers, Employment Tax, ERISA, Excise Tax, Fiduciary Responsibility, FMLA, Health Care Reform, Health Plans, HIPAA, Human Resources, Income Tax, Insurance, Malpractice, Medicare Part D, Mental Health, Mental Health Parity, Patient Empowerment, Patient Protection and Affordable Care Act, Payroll Tax, Preemption, Prescription Drugs, Protected Health Information, Reporting & Disclosure, Tax Credit, Wellness Programs | Tagged: Affordable Care Act, Employee Benefits, employee benefits policy, Employer, Health Care Reform, Health Insurance, health issuer, Health Plans, health premiums, instruction, Insurance, Insurer, speech, Speeches, Training, WEB | Permalink
Posted by Cynthia Marcotte Stamer

CMS Final Medicare Rule Imposes Many Conditions On Access To Medicare Claims Data To Evaluate Providers & Suppliers

December 6, 2011

Final Rules Make Direct Access To Data By All But Most Sophisticated Impossible

The Centers For Medicare & Medicaid Services (“CMS”) says disclosures of certain Medicare provider and supplier claims performance data scheduled to begin in January will empower employers, health plans and consumers to better evaluate the quality of these health care providers and suppliers.

CMS plans to begin sharing certain Medicare parts A, B and D provider claims data with “qualifying entities” that can demonstrate the necessary experience and qualifications for use in assisting employers, health plans and others to evaluate the performance of providers and suppliers. CMS also will generate public reports about this performance data for purposes of aiding employers, consumers and others in evaluating the quality for provider or suppliers.

The disclosures will be made in response to Section 10332 of the Patient Protection and Affordable Care Act as amended by the Health Care and Education Reconciliation Act of 2010 (collectively the “Affordable Care Act”). Section 10332 generally requires CMS make available this Medicare data to “qualifying entities” for use in conjunction with other claims data to evaluate provider performance effective January 1, 2012.

The new Final Rule on Availability of Medicare Data for Performance Measurement (“Final Rule”) available for review here establishes detailed requirements about who, when and under what conditions that Medicare will allow qualifying entities to obtain and use certain standardized extracts of Medicare Parts A, B, and D provider and supplier performance data in conjunction with other claims data to evaluate provider and supplier performance pursuant to Section 10332. The Final Rule also discusses privacy requirements that qualifying entities must meet when handling this data. scheduled for official publication in the December 7, 2011 Federal Register

The disclosure of provider performance data is intended to provide greater transparency to employers, health plans, consumers and other parties in evaluating health care provider and supplier quality. To access this information, however, entities will have to comply with detailed requirements. Complicated restrictions included in the Final Rules make it likely that only sophisticated health plans and service providers will be able to directly access and use the provider and supplier data intended to be made available under the Final Rule, however.

As implemented under the Final Rule, entities wishing to access the provider or supplier claims data will be required to meet detailed qualification and other requirements. For instance, among other things, the Final Rule generally only allows an entity to access and use the provider data if it is an entity or business contractor to an entity that:

CMS determines is an entity eligible to obtain the provider data under the eligibility criteria set forth in the Final Rule;
Apply to obtain the provider data under the Final Rule for an allowed purpose in accordance with a demonstrated plan as required by the Final Rules;
Meet a detailed list of requirements demonstrating that it has the experience, governance, policies, procedures and other required qualifications specified in the Final Rules to qualify to obtain and use the provider data;
Pays the required fee;
Comply with annual reporting and other reporting and monitoring requirements;
Comply with the specific requirements of the Final Rules concerning the protection of the privacy of accessed data;
Agree to meet the requirements described in the Final Rules; and
Otherwise comply with all other applicable requirements of the Final Rule.

Entities accessing the information also will be monitored and subject to sanction for failing to comply with the Final Rule in using or handling the provider performance data once it is received. Once an entity is allowed to access the provider claims data, the Final Rules specify that CMS will monitor and assess the performance of qualified entities and their contractors through audits, review of data source documentation and data as requested by CMS; site visits; review of data reported by the qualified entity as part of required annual reporting and other reporting requirements set forth in the Final Rule; analysis of complaints from beneficiaries and/or providers or suppliers. If CMS determines that a qualified entity has breached any of these requirements, it may warn; require a corrective action plan (“CAP”); place the qualified entity on a special monitoring plan; or terminate the qualified entity from participation in the program in accordance with the Final Rules.

Health plans, employers, and other entities desiring to access or use this information will need to exercise care when applying to obtain and handling the data to ensure that all requirements are met. To ensure that these requirements are met, parties interested in obtaining these rules should seek assistance from competent counsel and other qualified advisors concerning their proposed application and use of this data.

In light of these and other conditions for accessing and using this information, only a very limited of very sophisticated health plans, employers or other entities or their advisors are likely to apply to or qualify to access and use the provider and supplier claims data as contemplated by the rule. Individual consumers, and most employers generally will only benefit from the new access allowed to this data indirectly, by accessing the analysis of these entities.

For Help or More Information

If you need help responding to this new guidance or otherwise to deal with other health plan or insurance, employee benefit, human resources, compensation, health care matters or related matters, please contact the author of this update, Cynthia Marcotte Stamer.

A Fellow in the American College of Employee Benefit Council, immediate past Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Group and current Co-Chair of its Welfare Benefit Committee, Vice-Chair of the ABA TIPS Employee Benefits Committee, a council member of the ABA Joint Committee on Employee Benefits, and past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Ms. Stamer is recognized, internationally, nationally and locally for her more than 24 years of work, advocacy, education and publications on employee benefit, human resources and related workforce, insurance and financial services, and health care matters.

A board certified labor and employment attorney widely known for her extensive and creative knowledge and experienced with health and managed care, insurance and other employment, employee benefit and compensation matters, Ms. Stamer continuously advises and assists employers, employee benefit plans, their sponsoring employers, fiduciaries, insurers, administrators, service providers, insurers and others to monitor and respond to evolving legal and operational requirements and to design, administer, document and defend insured and self-insured medical and other welfare benefit, qualified and non-qualified deferred compensation and retirement, severance and other employee benefit, compensation, and human resources, management and other programs and practices tailored to the client’s human resources, employee benefits or other management goals. She also has worked extensively with Medicare and Medicaid Advantage, association, employer and other group insurance arrangements, MEWAs, fraternal benefit and mutual aid programs, government programs, and a broad range of other specialized health and other programs and insurers to design and administer arrangements in response to their unique regulatory and operational needs. A primary drafter of the Bolivian Social Security pension privatization law, Ms. Stamer also works extensively with management, service provider and other clients to monitor legislative and regulatory developments and to deal with Congressional and state legislators, regulators, and enforcement officials concerning regulatory, investigatory or enforcement concerns.

Other Resources

If you found this update of interest, you also may be interested in reviewing some of the other updates and publications authored by Ms. Stamer available including:

You can learn more about Ms. Stamer and her experience, review some of her other training, speaking, publications and other resources, and register to receive future updates about developments on these and other concerns from Ms. Stamer here. For important information concerning this communication click here.

About Solutions Law Press

Comments Off on CMS Final Medicare Rule Imposes Many Conditions On Access To Medicare Claims Data To Evaluate Providers & Suppliers | 105(h), Affordable Care Act, CHIP, COBRA, Employee Benefits, Employers, Employment Tax, ERISA, Excise Tax, Fiduciary Responsibility, FMLA, Health Care Reform, Health Plans, HIPAA, Human Resources, Income Tax, Insurance, Malpractice, Medicare Part D, Mental Health, Mental Health Parity, Patient Empowerment, Patient Protection and Affordable Care Act, Payroll Tax, Preemption, Prescription Drugs, Protected Health Information, Reporting & Disclosure, Tax Credit, Wellness Programs | Tagged: benefits, Employee Benefits, employee benefits policy, Employer, Health Care Reform, Health Insurance, health issuer, Health Plans, health policy, instruction, Insurance, Insurer, speech, Speeches, Training, WEB | Permalink
Posted by Cynthia Marcotte Stamer

EBSA Releases Collection of New M-1 and Other Guidance Impacting Multiple Employer Welfare Plans

December 5, 2011

Multiple and multi-employer health and other welfare plans are subject to special Form M-1 and other reporting and disclosure and other requirements under Federal law as amended by the Patient Protection and Affordable Care Act (“Affordable Care Act”).

The Department of Labor’s Employee Benefits Security Administration (“EBSA”) updated its website with the following new guidance under the Affordable Care Act today:

Proposed Rule on Ex Parte Cease and Desist and Summary Seizure Orders: Multiple Employer Welfare Arrangements, available at http://www.dol.gov/ebsa/pdf/proposedm1revisionsreg1.pdf
Proposed Rule on Filings Required of Multiple Employer Welfare Arrangements and Certain Other Entities, available at http://www.dol.gov/ebsa/pdf/proposedm1revisionsreg2.pdf
Notice of Proposed Revision of Annual Information Return/Report, available at http://www.dol.gov/ebsa/pdf/proposedm1revisionsreg3.pdf
Notice of Proposed Revision of the Form M-1, available at http://www.dol.gov/ebsa/pdf/proposedm1revisionsreg4.pdf
Proposed Form M-1 Revisions, available at http://www.dol.gov/ebsa/proposedm1revisions.html
Fact Sheet, available at http://www.dol.gov/ebsa/newsroom/fsproposedm1revisions.html
Related News Release, available at http://www.dol.gov/ebsa/newsroom/2011/11-1677-NAT.html

For More Information Or Assistance

Widely published on health benefit and other related matters, Ms. Stamer’s insights and articles have been published by the HealthLeaders, Modern Health Care, Managed Care Executive, the Bureau of National Affairs, Aspen Publishers, Business Insurance, Employee Benefit News, the Wall Street Journal, the American Bar Association, Aspen Publishers, World At Work, Spencer Publications, SHRM, the International Foundation, Solutions Law Press and many others.

For additional information about Ms. Stamer and her experience, see www.CynthiaStamer.com.

Comments Off on EBSA Releases Collection of New M-1 and Other Guidance Impacting Multiple Employer Welfare Plans | 105(h), Affordable Care Act, CHIP, Claims Administration, COBRA, Disability, Disability, Employee Benefits, Employers, Employment Tax, ERISA, Excise Tax, Fiduciary Responsibility, FMLA, Health Care Reform, Health Plans, HIPAA, Human Resources, Income Tax, Insurance, Malpractice, Medicare Part D, Mental Health, Mental Health Parity, Patient Empowerment, Patient Protection and Affordable Care Act, Payroll Tax, Preemption, Prescription Drugs, Protected Health Information, Reporting & Disclosure, Tax Credit, Wellness Programs | Tagged: benefits, Employee Benefits, employee benefits policy, Employer, Health Care Reform, Health Insurance, health issuer, Health Plans, health policy, instruction, Insurance, Insurer, M-1, MEWA, multi-employer, multiple employer, multiple employer welfare plan, speech, Speeches, Training, WEB | Permalink
Posted by Cynthia Marcotte Stamer

Incentives To Get Employee Into Wellness Education Requires Legal Risk Management

December 3, 2011

Employers and health plans hoping to leverage the cost containment and other benefits of effective wellness programs may find helpful insights from a new Healthy Cal report about The Network for a Healthy California. When designing and administering these programs, however, employers and health plans need to use care to manage nondiscrimination and privacy risks.

Healthy Cal reports that the experience of the The Network for a Healthy California, a partnering program by federal, state, and local agencies, shows that educational programs can help low-income families make better health choices.

According to the Healthy Cal report, the 2009 Pediatric Nutrition Surveillance data from the California Department of Public Health found that roughly 21 percent of the population in Orange County’s between the ages of 5 and 20 years, and 17 percent of children between the ages of 2 and 5 years were obese.

Healthy Cal says the Network created a number of initiatives that have helped many of Santa Ana’s low-income population access healthy foods and conducted a broad range of other educational programs for the population. Noting that the outreach sought improve food choices, cultural and awareness barriers and other understandings and patient and family behaviors and circumstances. Healthy Cal reports that these efforts are paying off. Learn more at Healthy Cal.

Effective education programs are one element of successful wellness and disease management programs. The Network’s efforts show that success from these efforts requires persistence. Of course, making wellness education work starts with getting the employees and their families to the lesson. That often is where the challenge lies.

Employers and health plans often face challenges getting employees and their family to participate in these and other wellness programs. Many employers and health plans try to overcome participation barriers by offering financial or other rewards or penalities. However, legal concerns require that these arrangements be designed and used with great care to ensure that the savings sought from the wellness program are not overshadowed by defense and liability costs.

Financial or other incentive and reward programs of course must be designed to comply with the nondiscrimination rules of the Health Insurance Portability & Accountability Act (HIPAA), the Genetic Information Nondiscrimination Act (GINA) and, perhaps most significantly of late, the Equal Employment Opportunity Commission’s interpretation of the Americans With Disabilities Act physical testing and other disability discrimination rules. Privacy requirements also can be a challenge under these laws unless information collected from screening and other wellness and disease management activities is carefully collected, routed and handled to comply with HIPAA, GINA and other privacy rules. See, e.g, EBSA Issues Guidance on Health PLan Wellness & Disease Management Programs Subject to HIPAA Nondiscrimination Rules; ADAAA Amendment Broader “Disability Definition Not Retroactive, Employer Action Needed To Manage Post 1/1/2009 Risks; Businesses Face Rising Disability Discrimination Enforcement Risks; EEOC Finalizes Updates To Disability Regulations In Response to ADA Amendments Act. A recent Florida District Court decision upholding one employer’s wellness program on the facts and circumstances may provide helpful insights for employers and health plans planning to use these arrangements on steps and evidence to retain to position to claim certain potential defenses to ADA disability discrimination claims. Until more favorable guidance evolves, however, all employers and health plans using these arrangements need to consider the potential exposures and take steps to position against a potential discrimination claim by private plaintiffs, regulators or both.

Meanwhile, all employers and health plans also should review the existing preventive care coverage provided in their health plans to ensure compliance with expanded federal mandates enacted as part of the sweeping new federal health care reform law. See e.g., Affordable Care To Require Health Plans Cover Contraception & Other Women’s Health Procedures.

Vendors enthusiastic about marketing their wellness and disease management programs frequently do not

If you need assistance addressing the legal requirements of your wellness program or other workforce, employee benefit, compensation or risk management concern, contact the author of this update. We also encourage you and others to help develop real meaningful improvements by joining Project COPE: Coalition for Patient Empowerment here by sharing ideas, tools and other solutions and other resources. TheCoalition For Responsible Health Care Policy provides a resource that concerned Americans can use to share, monitor and discuss the Health Care Reform law and other health care, insurance and related laws, regulations, policies and practices and options for promoting access to quality, affordable healthcare through the design, administration and enforcement of these regulations.You also can access information about how you can arrange for training on “Building Your Family’s Health Care Toolkit,” using the “PlayForLife” resources to organize low cost wellness programs in your workplace, school, church or other communities, and other process improvement, compliance and other training and other resources for health care providers, employers, health plans, community leaders and others here.

About Author Cynthia Marcotte Stamer

For additional information about Ms. Stamer and her experience, see www.CynthiaStamer.com.

About Project COPE: The Coalition On Patient Empowerment & Its Coalition on Responsible Health Policy

Sharing and promoting the use of practical practices, tools, information and ideas that patients and their families, health care providers, employers, health plans, communities and policymakers can share and offer to help patients, their families and others in their care communities to understand and work together to better help the patients, their family and their professional and private care community plan for and manage these needs is the purpose of Project COPE.

The best opportunity to improve access to quality, affordable health care for all Americans is for every American, and every employer, insurer, and community organization to seize the opportunity to be good Samaritans. The government, health care providers, insurers and community organizations can help by providing education and resources to make understanding and dealing with the realities of illness, disability or aging easier for a patient and their family, the affected employers and others. At the end of the day, however, caring for people requires the human touch. Americans can best improve health care by not waiting for someone else to step up: Speak up, step up and help bridge the gap when you or your organization can do so by extending yourself a little bit. Speak up to help communicate and facilitate when you can. Building health care neighborhoods filled with good neighbors throughout the community is the key.

The outcome of this latest health care reform push is only a small part of a continuing process. Whether or not the Affordable Care Act makes financing care better or worse, the same challenges exist. The real meaning of the enacted reforms will be determined largely by the shaping and implementation of regulations and enforcement actions which generally are conducted outside the public eye. Americans individually and collectively clearly should monitor and continue to provide input through this critical time to help shape constructive rather than obstructive policy. Regardless of how the policy ultimately evolves, however, Americans, American businesses, and American communities still will need to roll up their sleeves and work to deal with the realities of dealing with ill, aging and disabled people and their families. While the reimbursement and coverage map will change and new government mandates will confine providers, payers and patients, the practical needs and challenges of patients and families will be the same and confusion about the new configuration will create new challenges as patients, providers and payers work through the changes.

For Added Information and Other Resources

If you found this update of interest, you also may be interested in reviewing some of the other updates and publications authored by Ms. Stamer available including:

For Help Or More Information

If you need assistance in auditing or assessing, updating or defending your organization’s compliance, risk manage or other internal controls practices or actions, please contact the author of this update, attorney Cynthia Marcotte Stamer here or at (469)767-8872.

Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, management attorney and consultant Ms. Stamer is nationally and internationally recognized for more than 24 years of work helping employers and other management; employee benefit plans and their sponsors, administrators, fiduciaries; employee leasing, recruiting, staffing and other professional employment organizations; and others design, administer and defend innovative workforce, compensation, employee benefit and management policies and practices. Her experience includes extensive work helping employers implement, audit, manage and defend union-management relations, wage and hour, discrimination and other labor and employment laws, privacy and data security, internal investigation and discipline and other workforce and internal controls policies, procedures and actions. The Chair of the American Bar Association (ABA) RPTE Employee Benefits & Other Compensation Committee, a Council Representative on the ABA Joint Committee on Employee Benefits, Government Affairs Committee Legislative Chair for the Dallas Human Resources Management Association, and past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, Ms. Stamer works, publishes and speaks extensively on management, reengineering, investigations, human resources and workforce, employee benefits, compensation, internal controls and risk management, federal sentencing guideline and other enforcement resolution actions, and related matters. She also is recognized for her publications, industry leadership, workshops and presentations on these and other human resources concerns and regularly speaks and conducts training on these matters. Her insights on these and other matters appear in the Bureau of National Affairs, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, and many other national and local publications. For additional information about Ms. Stamer and her experience or to access other publications by Ms. Stamer see here or contact Ms. Stamer directly.

About Solutions Law Press

Solutions Law Press™ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources at www.solutionslawpress.com.

Comments Off on Incentives To Get Employee Into Wellness Education Requires Legal Risk Management | 105(h), Affordable Care Act, CHIP, COBRA, Employee Benefits, Employers, Employment Tax, ERISA, Excise Tax, Fiduciary Responsibility, FMLA, Health Care Reform, Health Plans, HIPAA, Human Resources, Income Tax, Insurance, Malpractice, Medicare Part D, Mental Health, Mental Health Parity, Patient Empowerment, Patient Protection and Affordable Care Act, Payroll Tax, Preemption, Prescription Drugs, Protected Health Information, Reporting & Disclosure, Tax Credit, Wellness Programs | Tagged: benefits, Employee Benefits, employee benefits policy, Employer, Health Care Reform, Health Insurance, health issuer, Health Plans, health policy, instruction, Insurance, Insurer, speech, Speeches, Training, WEB | Permalink
Posted by Cynthia Marcotte Stamer

HHS Chides Insurer For “Excessive” Premium Increases After Affordable Care Act Rate Audit

November 21, 2011

The U.S. Department of Health and Human Services (HHS) is seeking to publicly shame Everence Insurance of Pennsylvania for charging small businesses what HHS claims are “unreasonably high” premium increases.

According to HHS, its first federal rate review under the Affordable Care Act found that Everence’s 12 percent rate increase for small businesses in Pennsylvania. After reviewing the rate, HHS says independent experts determined the choice of assumptions the company based its rate increase on reflected national data rather than reliable and available state data. These assumptions resulted in what HHS characterizes as an “unreasonably high premium in relation to the benefits provided to small businesses by Everence Insurance of Pennsylvania.

While the Affordable Care Act gave HHS the ability to conduct and publish health insurer rate reviews but does not grant HHS the authority to actually force covered health insurers to change their rates. While some state laws may give state regulators this authority, HHS’ authority remains limited to drawing public attention to carrier rate increases that HHS perceives as excessive.

In an effort to use public opinion to chastise Everence Insurance of Pennsylvania, HHS is using its media might to publicize its findings. “We have called on this insurer to immediately rescind the rate, issue refunds to consumers or publicly explain their refusal to do so,” said Steve Larsen, director of the Center for Consumer Information and Insurance Oversight at the Centers for Medicare & Medicaid Services.

HHS’s announcement of its findings about Everence Insurance of Pennsylvania marks the first of many reviews that HHS will do in addition to insurance rate reviews already being done by states. HHS says it intends to review all health insurer proposals to raise rates by 10 percent or more this year.

Companies that HHS finds have made excessive rate increases can either reduce their rate hikes or post a justification on their website within 10 days of the rate review determination. As of publication, Everence Insurance of Pennsylvania had not published a public rebuttal to the HHS announcement on its website or indicated how it plans to respond to the announcement. See here.

For More Information Or Assistance

For additional information about Ms. Stamer and her experience, see www.CynthiaStamer.com.

Comments Off on HHS Chides Insurer For “Excessive” Premium Increases After Affordable Care Act Rate Audit | 105(h), Affordable Care Act, CHIP, COBRA, Employee Benefits, Employers, Employment Tax, ERISA, Excise Tax, Fiduciary Responsibility, FMLA, Health Care Reform, Health Plans, HIPAA, Human Resources, Income Tax, Insurance, Malpractice, Medicare Part D, Mental Health, Mental Health Parity, Patient Empowerment, Patient Protection and Affordable Care Act, Payroll Tax, Preemption, Prescription Drugs, Protected Health Information, Reporting & Disclosure, Tax Credit, Wellness Programs | Tagged: Affordable Care Act, Employee Benefits, employee benefits policy, Employer, Health Care Reform, Health Insurance, health issuer, Health Plans, health premiums, instruction, Insurance, Insurer, speech, Speeches, Training, WEB | Permalink
Posted by Cynthia Marcotte Stamer

$50K Settlement Shows Small Breach Reports Carry Enforcement Risk

Get Up To Date On Details of New De-Identification Guidance & Other HIPAA Developments By Participating In 12/12 HIPAA Update Web Workshop

Email Subscription

Pages

Recent Posts

Archives

Share this blog

Solutions Law Press HR & Benefits Update