HHS to Start Randomly Selecting Health Plans for HIPAA Compliance – Are You Ready?

The CMS Division of National Standards, on behalf of HHS, is launching the Compliance Review Program (the “Program”) to ensure compliance among covered entities with HIPAA Administrative Simplification rules for electronic health care transactions.  HHS will randomly select health plans and clearinghouses to assess compliance with: (1) transaction formats; (2) code sets; and (3) unique identifiers.  Participants in the Program will also have to attest whether they comply with the operating rules, which are required by the ACA and are defined as “the necessary business rules and guidelines for the electronic exchange of information that are not defined by a standard or its implementation specifications.”

If HHS finds that a health plan or clearinghouse is not compliant, HHS has indicated that it will give the covered entity the opportunity to correct issues and achieve compliance, but may impose penalties on covered entities that do not achieve compliance.  Read More ›

Posted in Health & Welfare Plans, Health Care Reform | Tagged , , , , , ,

Share this Article:

2017 HIPAA Enforcement – Appears Not To Be Slowing Down

To state the obvious, there has been some uncertainty regarding how the Trump Administration will affect federal agency enforcement efforts.  However, at least, in regard to HIPAA Privacy and Security, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”), appears to be unchanging in its previous course.

In the first four months of 2017, OCR has already announced seven settlements with covered entities and business associates with fines totaling over $14 million.  For some context, OCR assessed over $23.5 million in 2016, which was a record-breaking year.  These settlements are in addition to Phase 2 of OCR’s Privacy, Security, and Breach Notification Audit Program, which started in 2016 and is likely still underway. Read More ›

Posted in Employee Benefits, Health & Welfare Plans, HIPAA | Tagged , , , , , , , , , , , ,

Share this Article:

HIPAA Checkup – How Good Are Your Policies and Procedures?

Although it is not a new requirement, it is important and therefore worth a reminder:  HIPAA requires covered entities to establish and implement written policies and procedures that are consistent with its Privacy and Security Rules.

As discussed in an earlier blog, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) has begun its Phase 2 HIPAA Audit Program.  The Program will focus on the policies and procedures adopted and employed by covered entities and their business associates to meet the requirements of the Privacy, Security, and Breach Notification Rules.  Furthermore, if a group health plan is selected for an audit, it would have a very short time to produce its policies and procedures (i.e., 10 business days).  Read More ›

Posted in Employee Benefits, Health & Welfare Plans | Tagged , , , , ,

Share this Article:

Five Ways to Survive a Department of Labor (“DOL”) Health and Welfare Plan Investigation

DOL health and welfare plan investigations are on the rise. There are best practices for plans chosen for investigation:

 1.  Get Employee Benefits Counsel Involved Early.

The DOL investigation process generally starts with a letter from DOL requesting a long list of documents that range from plan documents and disclosures to financial documents (e.g., trust agreements and bank statements). This letter can be overwhelming, not only because of the sheer quantity of documents that must be produced in a relatively short time period, but also because many of the requests may be broad, vague, or even inapplicable to your plan.

Working with employee benefits counsel from the beginning may help you respond.  Read More ›

Posted in Employee Benefits, Health & Welfare Plans, Health Care Reform | Tagged , , , , , , , , , , , ,

Share this Article:

Now Is a Good Time to Revisit 409A Compliance

The IRS recently announced a Section 409A compliance initiative project.  The IRS audit project will focus on approximately 50 employers, all of whom were previously identified for employment tax audits.  The IRS indicated that it will focus its examination on: (i) initial deferral elections; (ii) subsequent deferral elections; (iii) distributions; and (iv) application of the six-month delay rule for specified employees of publicly traded companies.  Representatives from the IRS said that the examination will be limited to the top 10 most highly compensated employees of each employer.

If you are not participating in the compliance initiative project, now might be a good time to review your “nonqualified deferred compensation” arrangements for compliance with Section 409A.  Read More ›

Posted in Employee Benefits, Executive Compensation | Tagged , , , ,

Share this Article: