27 Mar How to prepare for a health and welfare compliance audit
by John F. Galvin
When I speak with employers about health and welfare plan compliance, I’m often asked the question: “What happens if I don’t do everything?”
It’s not that employers don’t want to follow the rules. Rather, it’s that in the mid-market, especially with employers who have fewer than 500 employees, the benefit program is often managed by HR professionals who are wearing so many hats that they know the chances are high that something will fall through the cracks — and, thanks to ERISA, HIPAA and other laws, there are lots of cracks.
When I explain that they could be subject to an audit by the Department of Labor, I’m usually met with some doubts. Some want to know if the DOL really goes after mid-market employers, or if it just focuses on large corporations. Others will wonder if the DOL would be interested in their particular industry. But we’ve seen more and more DOL compliance audits in the mid-market, and with the myriad new compliance responsibilities that benefits professionals will need to deal with as a result of health care reform, this trend may continue to grow.
Summary plan descriptions
So what does the DOL tend to focus on with health and welfare audits? Much of the typical DOL audit goes back to employer requirements outlined in the original ERISA legislation – summary plan descriptions. SPDs were the government’s way of requiring employers to provide information on benefit plans that can be understood by the average participant. However, unlike an average benefits summary, the requirements of what must be included in an SPD are numerous. Detailed descriptions of benefit provisions, eligibility, and a variety of legislation passed since 1974 all must be part of the SPD. In fact, by the time all this is information is included, the document can hardly be called a “summary.”
Given all of the work that goes into the creation of SPDs, it isn’t surprising to find out that many mid-market employers aren’t compliant. In the event of an audit, the chances are high that an SPD will need to be produced, along with some assurance that the document is actually making its way to employees correctly.
Many small and mid-market employers erroneously believe this is a requirement only for large employers. But employers of every size in any industry should review the guidelines for the creation and distribution of SPDs, and ensure their practices are compliant. In fact, once an SPD is in place, many of the other compliance responsibilities associated with health and welfare plans become much easier since the document becomes the plan’s “bible.”
The second-most frequent item in DOL audits is related to the Health Insurance Portability & Accountability Act, or HIPAA. HIPAA is like a large tree trunk with many different branches. When discussing HIPAA, one could be talking about its rules for handling pre-existing conditions under a health plan, rules for issuing certificates of creditable coverage to terminating participants, rules for informing participants about enrollment rights, protecting private health information, and more. Any one of those items might show up in a DOL audit. Employers should review HIPAA rules thoroughly to make sure their plan is in compliance.
One of the most common errors I see with mid-market employers is in regards to the requirement under HIPAA that plans inform participants about enrollment rights, or more specifically “special enrollment rights.” The HIPAA Notice of Special Enrollment Rights informs participants who are eligible for your health plan about when they can join your plan or change their election due to certain qualifying life events such as marriage, birth of a child, or loss of eligibility under another employer’s plan.
The notice is important because it informs your participants about the timeframes in which they must request these enrollment rights. While some employers may have trouble during a DOL audit because they don’t have this notice at all, more employers are making mistakes with the actual distribution of the notice. For example, it’s not uncommon for employers who have an SPD to include the notice right in that document. However, unless your SPD is being distributed to those employees who are eligible for the plan but choose not to enroll, then the distribution requirements for special enrollment rights under HIPAA are not being met. Employers should take the time to review the HIPAA notice and its requirements for distribution to make sure they are compliant.