October 09, 2017
This publication summarizes two recent, independent regulation developments under the Affordable Care Act (ACA). On October 6, 2017, the Trump Administration issued new rules that will allow more employers to opt out of providing no-cost birth control to women by claiming religious or moral objections. Employers with religious or moral objections will also be able to cover some birth control methods, and not others.
In addition, two days earlier, the Department of Health and Human Services (HHS) withdrew its proposed rules that would have required HIPAA covered entities (e.g., health plans) to certify to the HHS that their data and information systems comply with the Health Insurance Portability and Accountability Act's (HIPAA) electronic transaction standards and operating rules.
Under provisions of the ACA, the Obama administration had issued rules requiring most plans to cover all contraception methods that have been approved by the Food and Drug Administration with no out-of-pocket cost to women. The provision does not cover plans that have a grandfathered status under the law. That guarantee was previously whittled back through regulation and court actions to exempt some religious-based organizations, such as churches, and some privately held companies in which the owners have strong objections to contraception. Other nonprofit religious employers were offered an accommodation so that they didn't contract or pay for the insurance coverage for their workers.
The rules unveiled Friday expand those exemptions to any nonprofit organizations and for-profit companies with firm religious opposition, as well as health plans provided to students at colleges with a religious affiliation. A second rule extends an exemption to organizations and privately held companies that have moral objections. If an employer doesn't have any moral or religious objections to contraception coverage, current ACA guidelines still apply. Federal policy for programs that offer free or subsidized coverage to low-income women also will not change.
These new regulations are further explained in the following charts, reproduced from the Kaiser Family News October 2017 Issue Brief, "New Regulations Broadening Employer Exemptions to Contraceptive Coverage: Impact on Women", co-authored by Laurie Sobel, Alina Salganicoff, and Caroline Rosenzweig.
The rules become effective as soon as they are published in the Federal Register, which is expected on October 13, 2017, and can currently be viewed online at here and here. However, legal challenges to these rules have already begun.
In another ACA related issue, this past week HHS withdrew a proposed rule that would have required health plans to certify to the HHS that their data and information systems comply with the HIPAA electronic transaction standards and operating rules. These rules, often referred to as the electronic data interchange (EDI) rules, required covered entities (for example, group health plans) and their business associates to use standardized formats and operating rules when conducting certain electronic transactions.
The ACA specified an initial certification deadline of December 31, 2013, which was extended to December 31, 2015 under a proposed rule issued by HHS. However, this deadline was not enforced due to a lack of final guidance on the certification requirement. On October 4, 2017, HHS withdrew this proposed rule based on issues that have been raised regarding the HIPAA certification process. HHS has indicated that it will be examining these issues and exploring options and alternatives to comply with the ACA's requirement. This development is welcome news for group health plan sponsors, who will not be required to certify their HIPAA compliance until HHS issues new guidance.
Although health plans are not required to certify their HIPAA compliance at this time, there is an enforcement process in place for the EDI rules. Civil money penalties and criminal penalties may be imposed on a covered entity that fails to comply with the EDI rules. Thus, health plans and business associates that conduct standard transactions should confirm that they are complying with the EDI rules.
Health plan sponsors and their business associates should monitor whether HHS provides any additional guidance on the HIPAA certification requirement. They should also confirm that they are complying with any applicable electronic transaction standards and operating rules. As noted by HHS, there is already an enforcement process in place for these HIPAA requirements.
For More Information
For more information about this ACA Pathways or about any other health care reform-related provisions, please contact your Burnham Benefits consultant or Burnham Benefits at:
Burnham Benefits does not engage in the practice of law and this publication should not be construed as the providing of legal advice or a legal opinion of any kind. The consulting advice we provide is intended solely to assist in assessing its compliance with the Patient Protection and Affordable Care Act and other applicable federal and state law requirements, and is based on Burnham Benefit’s interpretation of federal guidance in effect as of the date of this publication. To the best of our knowledge, the information provided herein, and assumptions relied on, are reasonable and accurate as of the date of this publication. Furthermore, to ensure compliance with IRS Circular 230, any tax advice contained in this publication is not intended to be used, and cannot be used, for purposes of (i) avoiding penalties imposed under the United States Internal Revenue Code or (ii) promoting, marketing or recommending to another person any tax-related matter.