June 2011 Benefit Plan Compliance

Benefit Plan Compliance: Would Your Plans
Survive An Agency Audit?
June 15, 2011
Stacy H. Barrow
sbarrow@proskauer.com
617.526.9648
1
© 2011 Proskauer. All Rights Reserved.
Agenda
• “State of the Union” on National Health Care Reform
• Plan documentation requirements
• Form 5500s
• HIPAA Portability
• HIPAA Privacy and Security
• Cafeteria Plans
• Wellness Plans
• Note: Materials are up-to-date as of June 15, 2011
2
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
Plan Document
• ERISA requires that every employee benefit plan be established and
maintained pursuant to a written plan document that describes the
benefit structure and guides the plan’s day-to-day operations
• Plans must reflect current law and plan operation must be in
accordance with the terms of the plan
• The document must list one or more named fiduciaries for the plan
- Can be identified by office or by name
- May be an administrative committee or a company’s board of directors
• The plan document must be provided to participants and beneficiaries
no later than 30 days after a written request
3
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
The Plan Document must include the following information:
• Plan operation details
• Name of the plan administrator; if no plan administrator is named, the
company/employer will be the plan administrator and also will be a
“named fiduciary”
• Plan administration procedures and any delegation of responsibilities to
other parties (e.g., claims review)
• Funding policy and procedure
• Plan amendment and termination procedures
• Explanation of how and when payments will be made under the plan
4
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
Checklist
• Must be made available to participants for inspection
• A copy must be provided upon participant request
• Common Issues—Retirement Plans
- Plan documents not on site—problem with prototype providers who only provide “adoption
agreement”
- Plan documents not properly amended for applicable law
• Common Issues—Welfare Plans
- Undocumented Arrangements—particularly an issue with flex plans, HRAs and EAPs
- Whether “certificate of coverage” constitutes health plan for insured plans
- Poor documentation of benefits for self-insured plans
5
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
Summary Plan Description (SPD)
• SPD must be consistent with plan terms
• Copy of SPD must be provided to each participant – must have
demonstrated procedures
• SPD can be provided to employees with enrollment materials
• SPD must be provided within 120 days after a plan first becomes
subject to ERISA
• SPD must be provided within 90 days after an individual becomes a
participant
• SPD must be provided every five years if there have been any changes
to the plan during the five-year period
6
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
Summary Plan Description
• SPD must be provided every ten years if there have been no changes
to the plan
• If material reduction in covered services is made to plan, notice of the
reduction must be provided within 60 days after the adoption of the
change (unless SPDs are issued at least every 90 days)
• Participants and beneficiaries may also make written request for a copy
of the SPD
7
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
Summary Plan Description
• Common Issues—Retirement Plans
- SPD terms offered by prototype provider do not match
(i) adoption agreement or (ii) plan operation
• Common Issues—Health Plans
- Benefits description booklets provided by health insurers are not
SPDs
- SPD does not properly reflect eligibility requirements imposed by
employer
- Does not include required provisions (WHCRA, claims procedures,
ERISA rights, etc.)
8
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
Summary of Material Modification (SMM)
• Copy of SMM must be provided to each participant and each
beneficiary no later than 210 days after the end of the plan year
in which the change is adopted
• No prescribed format for SMM
• SMM can be in letter, memo or other format
• An updated SPD can be provided instead of the SMM
• SMM may be combined with other documents
• Plan identifying information should be included
9
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
Summary Annual Report (SAR)
• Prescribed format
• SAR must be provided by the end of the ninth month after the close of
the plan year (September 30 for calendar year plans)
• Extension of two months granted if Form 5558 completed and
submitted with Form 5500
• Common Issues—Health Plans
- Common misconception that SARs are not required for health plans
- If a Schedule A is required (or the plan is funded through a trust), a
SAR is required
10
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
Electronic Disclosure
• ERISA Includes a Number of “Notice” Requirements:
-
SPDs
Plan Amendments
SARs
COBRA Notices
HIPAA Notices
- Creditable Coverage
- Special Enrollment Rights Notice
- Pre-Existing Condition Limitation Notice
- Notice of Privacy Practices
- Women’s Health and Cancer Rights Act (WHCRA) Notice
- Qualified Medical Child Support Order (QMCSO)
11
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
Electronic Delivery
• ERISA Regulations permit electronic delivery of Notices if
certain requirements are met:
12
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
• The basics:
- Delivery steps taken for furnishing documents are reasonably calculated to
result in the actual receipt of the documents
- Using return-receipt or notice of undelivered e-mail features
- Conducting periodic reviews or surveys to confirm receipt
- Reasonable and appropriate steps taken to safeguard confidentiality of
personal information related to accounts and benefits
- Electronically delivered documents are prepared/furnished in a manner
consistent with the style, format and content requirements applicable to the
document
- A paper version of the electronic document must be available on request (at
no charge)
- Each time an electronic document is furnished, a notice (electronic or paper)
must be provided to each recipient describing the significance of the
document
13
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
Electronic Delivery
• Once basic requirements are met, documents may be furnished to two classes of
potential recipients:
- Participants who have the ability to access documents through employer’s
electronic information system located where they are reasonably expected to
perform duties
- Employees working from home or on travel are covered
- Distribution through a kiosk in a common area in the workplace does not
comply with the requirements
- Other participants
- Retirees and terminated participants with vested benefits, beneficiaries,
alternate payees
- Must affirmatively consent to receive the documents electronically
- Provide an electronic address
- Reasonably demonstrate their ability to access documents in electronic form
14
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
Document Retention
• Basic Rule: employee benefit plan documents and documents
required by ERISA must be retained for six years after the
date of filing, resolution, or amendment
• Materials should be preserved in a manner and format that
permits ready retrieval
• All records including annual reports, disclosures, amendments
and resolutions should be retained
15
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
• This includes:
- Original signed plan documents and amendments
- Corporate resolutions/committee actions related to the plan
- Plan disclosures and communications to participants--Form 5500s, SARs,
SPDs, SMMs, etc.
- Financial reports, audits, and related statements
- Trust documents
- Nondiscrimination and coverage testing results
- Disputed claim records in the event of future litigation
- Payroll and census data used to determine eligibility and contributions
- Notices of Creditable/Non-creditable coverage
16
© 2011 Proskauer. All Rights Reserved.
Plan Documentation Requirements
• Common misconception: agencies only look back
three years—NOT TRUE
- Note: It is a good internal practice for the official plan
documents to be retained for the life of the plan, so
that the plan sponsor has a paper trail of the plan from
its inception
17
© 2011 Proskauer. All Rights Reserved.
Form 5500’s
• Annual Report--Form 5500
• Checklist
- Form 5500 must be filed by the end of the seventh month after the
close of the plan year (July 31 for calendar year plans)
- Extension of 2½ months if Form 5558 timely filed
- Required for all Retirement Plans
- Large plans (100+ participants) must include audit each year by
an independent qualified public accountant (IQPA)
- Small plans may not be required to have audit
18
© 2011 Proskauer. All Rights Reserved.
Form 5500’s
• Annual Report--Form 5500—Always a Part of Every Audit
• Checklist
- Health care flexible spending account plans, health care plans,
dental plans, long-term disability plans, AD&D plans and group term
life plans are required to file Form 5500
- Common Misconception: There is NO BLANKET
EXEMPTION for tax-exempt entities
- Required if health plan is insured and has 100 or more participants
on the first day of the plan year
- Premium Only Plans not required to file Form 5500
- Dependent care flexible spending account plans funded with only
salary reductions are not ERISA welfare benefit plans and are not
required to file Form 5500
19
© 2011 Proskauer. All Rights Reserved.
Form 5500’s
• Annual Report--Form 5500
• Checklist
- Late Filers - Plan administrators filing a late annual report (i.e., after
the date the report was required to be filed, including extensions)
may be assessed $50 per day, with no limit, for the period they
failed to file, determined without regard to any extensions for filing
- Non-Filers - Plan administrators who fail to file an annual report may
be assessed a penalty of $300 per day, up to $30,000 per year, until
a complete annual report is filed
- Consider Delinquent Filer Program (only available prior to audit)
- For Welfare Plans: Consider a Wrap Plan Document
20
© 2011 Proskauer. All Rights Reserved.
HIPAA Portability
HIPAA Portability
• Extensive & Focused Audit Activity on Portability
• Provide certificate of creditable coverage – must be
provided:
- When regular health care coverage is lost
- When COBRA coverage is lost
- Upon request while individual is covered by the plan or within two
years after losing coverage
21
© 2011 Proskauer. All Rights Reserved.
HIPAA Portability
• Provide notice of special enrollment rights
• Provide preexisting condition notice – must include:
- Terms of the preexisting condition exclusion
- Explanation of right to request a certificate of creditable coverage
from prior health plan
- Statement of plan’s willingness to assist in obtaining the certificate
of creditable coverage
22
© 2011 Proskauer. All Rights Reserved.
HIPAA Privacy & Security
• Privacy Standards Compliance Checklist
- Determine whether any state privacy laws apply to the group health plan
- Identify group health plan’s current uses and disclosures of protected health
information, including the individuals who have access to protected health
information
- Determine which current uses and disclosures are permitted and under what
circumstances
- Determine whether group health plan documents need to be amended in
order to (or continue to) receive protected health information for plan
administrative purposes
- Identify service providers who are business associates
- Determine whether business associate service provider contracts need to be
amended to comply with privacy rules
23
© 2011 Proskauer. All Rights Reserved.
HIPAA Privacy & Security
• Privacy Standards Compliance Checklist
- Appoint a privacy officer
- Establish privacy policies and draft related procedures
- Distribute privacy notice
- Train workforce on privacy policies and procedures
- Establish appropriate safeguards for protecting PHI from
accidental or intentional use in violation of the privacy standards
- NEW RULES & PENALTIES were effective starting in 2010
24
© 2011 Proskauer. All Rights Reserved.
HIPAA Privacy & Security
• Security Standards Compliance Checklist
- New HITECH Rules for Privacy & Encryption
- New Penalty Structure
- Increased enforcement
- IT Manager should be familiar with HIPAA Security Standards and
be able to demonstrate compliance
25
© 2011 Proskauer. All Rights Reserved.
Cafeteria Plans
• Increased Audit Activity
- Expected because IRS released regulations in 2007
• Plan Documentation Issues Are Big Issue
• Non-Discrimination Testing Big Focus
- All components of the cafeteria plan must be tested annually
- Keep documentation for six years
- Be prepared for IRS Audit
26
© 2011 Proskauer. All Rights Reserved.
General Nondiscrimination Rules under HIPAA
• Individuals cannot be denied eligibility for benefits or charged more for
coverage because of any "health factor," including:
- Health status
- Medical condition (both physical and mental)
- Claims experience
- Receipt of health care
- Medical history
- Genetic information
- Evidence of insurability
- Disability
27
© 2011 Proskauer. All Rights Reserved.
Wellness Programs
• Wellness programs are designed to promote health and prevent disease, and are
an exception to HIPAA's nondiscrimination rules
• Examples of common wellness programs include:
- blood pressure and cholesterol screenings
- smoking cessation programs
- weight-loss programs
• A typical disease management program might target individuals who have or are
at risk for developing diabetes and make case managers available to them to
monitor compliance with medication protocols
• Both wellness and disease management programs are often structured to provide
a financial reward for participating
28
© 2011 Proskauer. All Rights Reserved.
HRAs
• The cornerstone of an effective wellness program is often a Health Risk
Assessment (HRA) and/or biometric testing
• "Voluntary" HRAs are generally regarded as ineffectual
- Only those who are health conscious will be conscientious about completing them and
returning them
• "Involuntary" HRAs are those that are coupled with rewards or penalties and are
generally more effective
- Reward (bonus payment, gift cards, premium reduction, enhanced benefits)
- Penalty (premium increase, condition to eligibility, limits on benefits)
• US Department of Labor condones use of "involuntary" HRAs, as long as results
are not basis for reward or penalty
29
© 2011 Proskauer. All Rights Reserved.
HRAs
• U.S. Equal Employment Opportunity Commission
- Jurisdiction over individual rights claims, including under the
Americans with Disabilities Act (ADA)
- ADA generally establishes a per se violation for any employer
inquiring about an employee's health condition
- EEOC has said that voluntary HRAs are "OK"
- Involuntary HRAs violate the ADA
• While ERISA preempts most state laws (with limited
exceptions), it does not preempt other federal laws
- DOL has no greater authority in this area than the EEOC
30
© 2011 Proskauer. All Rights Reserved.
HRAs & PPACA
• PPACA includes provisions designed to promote the use of
wellness programs
- Despite what "internet lawyers" will tell you, PPACA did not
address this issue, despite it being well known to the Obama
Administration and the House and Senate leadership that two
federal agencies held inconsistent positions
- So, current state of the law is that the EEOC believes involuntary
HRAs violate federal law & the DOL believes they don't
31
© 2011 Proskauer. All Rights Reserved.
Seff v. Broward County
• Predictably, a class action suit was filed in a federal district
court—Seff v. Broward County
• Plaintiffs alleged that Broward County violated the ADA by
imposing a $20 bi-weekly premium surcharge on anyone who
failed or refused to complete a HRA and biometric screening as
part of a "wellness program"
• EEOC was not a party to this suit
• Many worried that this could lead to a decision adverse to the
use of HRAs
32
© 2011 Proskauer. All Rights Reserved.
Seff v. Broward County
• The Court reviewed the reasons for implementing a wellness
program (rising costs) and noted key factors of the program
• Then held that the wellness program (including the HRA and
screening) were terms of the employer's group health plan,
which is a "bona fide benefit plan" within the meaning of the
insurance safe-harbor provisions of the ADA
• The insurance safe-harbor provision is designed to protect
insurers from violating the ADA because of plan design
• The Seff Court held that the HRA and screening and wellness
programs used by the County were part of the County's health
plan and protected by the safe harbor
• Plaintiffs' suit was dismissed (but watch for an appeal)
33
© 2011 Proskauer. All Rights Reserved.
Seff v. Broward County
• The Court noted that the County paid for the entire cost of the
wellness program;
• Only those enrolled in the underlying group health plans could
participate in the wellness program;
• Plan documentation clearly established that completion of the
HRA and biometric screening was required and set out the
penalty for non-compliance; and
• Information obtained was not available to the employer in
identifiable form but was used as part of the underwriting
process for the insurance product
34
© 2011 Proskauer. All Rights Reserved.
Learning from Seff
• Employers considering requiring completion of an HRA as a condition
to eligibility or condition to reduced rates should consider the following:
- Document clearly as part of enrollment process
- Forms, internet, general material should clearly state that this is a
condition of enrollment in the group health plan
- Summary Plan Descriptions—don't forget to update, consider an SMM
- Update should clarify that Screening is part of enrollment process
- Need to focus on COBRA, too
- Use of information for underwriting purposes—retaining documentation
35
© 2011 Proskauer. All Rights Reserved.
June 2011
Stacy H. Barrow
sbarrow@proskauer.com
617.526.9648
Questions?
36
© 2011 Proskauer. All Rights Reserved.