Tuesday, May 7, 2013 at 10:57PM Summer is fast approaching and we find ourselves answering a number of questions regarding the coverage of seasonal workers in employee benefit plans. For employers planning to ramp up hiring for the summer season we offer this brief review of the treatment of seasonal employees for purposes of your employee benefit plans, with emphasis on issues under the Affordable Care Act.
Monday, April 15, 2013 at 8:54AM In three previous posts devoted to the new Final Omnibus Rule under HIPAA we highlighted important changes regarding privacy breach notifications, business associates and business associate arrangements, and increased penalties and enforcement activity. We will complete our series regarding these significant new rules by suggesting steps that employers should begin to take now in order to meet the compliance deadline of September 23, 2013. While these steps are most relevant for employers that sponsor self-funded group health plans, which are considered “covered entities” for HIPAA purposes, we note that employers who provide health benefits to employees through fully insured arrangements must also be mindful of HIPAA requirements.
HIPAA, Health Plans Sunday, April 7, 2013 at 9:28AM In our two prior posts concerning the Final Omnibus Rule under HIPAA we focused on changes to the breach notification requirements and rule changes affecting business associates. We now turn to the augmented penalty and enforcement provisions incorporated in the Final Rule. Many commentators have perceived stepped up enforcement activity by the U.S. Department of Health and Human Services (“HHS”) and the changes in the penalty and enforcement provisions suggest that there will be much more of that to come.
Thursday, March 7, 2013 at 6:49AM It’s no secret that the Office of Civil Rights of the Department of Health and Human Services has been expanding its enforcement activity under the privacy and security standards of HIPAA. And it’s not surprising that enforcement activity is in the offing under the Affordable Care Act as well, and at more than one federal agency. But be advised that the Department of Labor appears to be pursuing its own robust approach to group health plan examinations, covering the HIPAA portability requirements, wellness programs, and Affordable Care Act compliance.
Here is a copy of the document request that one of our clients recently received to kick off a DOL examination that will include an on-site visit. Note that the HIPAA-related items focus on the portability and discrimination aspects of HIPAA, with questions about special enrollment rights, Certificates of Creditable Coverage, the provision of required notices, and the like. The DOL has also requested materials regarding wellness programs to assess compliance with the wellness program requirements of the HIPAA regulations (particularly as they relate to standards-based programs). The Affordable Care Act questions focus on documents that would be relevant to establish and support grandfathered status, the provision of certain mandated benefits, and related notices and disclosures. Although not specified in the document request, the time frame under review generally is 2010 through 2012 (except as otherwise noted).
In the audit context, an employer that adheres to sound documentation and recordkeeping practices will be rewarded, and a timely and comprehensive response to the pre-examination document request is the best way to start an audit going in the right direction. In this case, the documents requested by the DOL should be relatively easy to produce from internal records or obtain from third party administrators (or other consultants). For that reason, a failure to provide any of these documents (to the extent applicable to the subject plan) could be taken by a DOL investigator as an indication of an employer’s poor compliance status.
On the theory that to be forewarned is to be forearmed, we commend the attached list to your attention.
Tuesday, March 5, 2013 at 1:08PM In a previous post about the new Final Omnibus Rule under HIPAA, we highlighted important changes regarding the process by which potential privacy breaches must be evaluated and classified for notification purposes. As we observed in that post, changes that have been characterized by the Office of Civil Rights (“OCR”) of the Department of Health and Human Services as “modifications and clarifications” can have far reaching legal compliance implications for covered entities, including employer sponsored group health plans. We now turn to rule changes affecting business associates and the legal relationships between business associates and employer sponsored group health plans. Plan sponsors certainly will need to take actions to respond to the Final Rule, but the new rules have a particularly significant impact on the legal obligations of business associates.
HIPAA, Health Plans 
