Smaller employers often have the benefit program managed by HR professionals who are wearing so many hats that they know the chances are high that something will fall through the cracks—and, thanks to ERISA, HIPAA and other laws, there are lots of cracks.
John F. Galvin, CEBS, is Vice President, Employee Benefits at Longfellow Benefits reports seeing more and more DOL compliance audits of smaller companies.
He also reports that with the myriad of new compliance responsibilities that benefits professionals will need to deal with as a result of PPACA, this trend may continue to grow.
Galvin lists these areas of compliance being targeted:
Summary Plan Descriptions: Much of the typical DOL audit relates to regarding Summary Plan Descriptions. SPDs were the government’s way of requiring employers to provide information on benefit plans that can be understood by the average participant. SPDs have many requirements. Detailed descriptions of benefit provisions and eligibility all must be part of the SPD. In fact, by the time all this is information is included, the document can hardly be called a “summary.”
Many mid-market employers aren’t compliant. In the event of an audit, the chances are high that an SPD will need to be produced, along with some assurance that the document is actually making its way to employees.
Many small and mid-market employers erroneously believe this is a requirement only for the large employers, but that is not the case. All employers should ensure their practices are in compliance. In fact, once an SPD is in place, many of the other compliance responsibilities associated with health & welfare plans become much easier since the document becomes the plan’s “bible.”
HIPAA: The second-most frequent item in DOL audits is related to the Health Insurance Portability and Accountability Act, or HIPAA. HIPAA is like a large tree with many different branches. When discussing HIPAA, one could be talking about its rules for handling pre-existing conditions under a health plan, rules for issuing certificates of creditable coverage to terminating participants, rules for informing participants about enrollment rights, protecting private health information, and more. Unfortunately, any one of those items might show up in a DOL audit. Employers should review HIPAA rules thoroughly to make sure their plan is in compliance.
One common problem is that under HIPAA plans must inform participants about enrollment rights, specifically “special enrollment rights.” The HIPAA Notice of Special Enrollment Rights informs eligible participants about when they can join your health plan or change their election due to certain qualifying life events such as marriage, birth of a child, or loss of eligibility under another employer’s plan.
In addition, the notice is important because it informs your participants about the timeframes in which they must request these enrollment rights. While some employers may have trouble during a DOL audit because they don’t have this notice at all, more employers are making mistakes with the actual distribution of the notice. For example, it is not uncommon for employers who have an SPD to include the notice right in that document. However, unless your SPD is being distributed to employees who are eligible for the plan but choose not to enroll, then the distribution requirements for special enrollment rights under HIPAA are not being met. Other Items: There are many other items that will generally show up on a DOL audit list.
- Employers should make sure to keep accurate records of items such as 5500 filings,
- Summary Annual Reports, contracts with plan service providers, and proof of compliance with other laws such as the distribution of notices under the Women’s Health & Cancer Rights Act.
Help: A great place to start is to visit the DOL website at www.dol.gov. The site provides an abundance of compliance assistance information in an easy-to-read format.
John F. Galvin, CEBS, is Vice President, Employee Benefits at Longfellow Benefits, a Boston-based employee benefits broker and consulting firm. He can be reached at firstname.lastname@example.org.