UBP blog


4 major HITECH Act changes to HIPAA and 4 steps you’ll need to take to comply with them

Filed under: HR compliance — ubpblogger @ 4:12 pm
Tags: ,

As part of the ARRA Act passed earlier this year, several legislative changes were made to HIPAA. These changes were documented in the Health Information Technology for Economic and Clinical Health (HITECH) Act.

Among other things, the HITECH Act:

  • Added breach notification rules to HIPAA
  • Extended the privacy responsibilities of covered entities to their business associates—This means that business associates of HIPAA covered entities are not only governed by the contracts that they have with covered entities, they are also now subject to the same civil and criminal penalties for HIPAA violations. In addition, they will now have to answer directly to the HHS on all HIPAA matters.
  • Increased the monetary penalties for noncompliance—Under the HITECH Act, civil penalties can go as steep as $1.5 million for all identical violations that occur in a given calendar year.
  • Enhanced enforcement capabilities (at both the state and federal level)—The HITECH Act requires formal investigations of potential breaches by the secretary of HHS in certain cases. Also, if he or she feels that the interests of a state’s residents have been threatened or affected by a HIPAA violation, a State Attorney General can bring civil action to a federal court.

As you can see, HIPAA regulations now pack more of a punch than they did before the HITECH Act. Effective February 22, 2010, when the government begins to enforce the HITECH Act, more people will be affected by its requirements and will have a lot more to lose if they are noncompliant.

Here are 4 steps you should take to comply with these much tougher HIPAA regulations:

  1. Conduct a complete risk assessment—Your assessment should first and foremost identify all personal health information (PHI) records (both manual and electronic) that you work with in your company. It should also help you determine the risks to PHI security that exist in your company and spell out all the controls you have in place for safeguarding PHI.
  2. Create a plan to mitigate your major risks—Once you’ve done your risk assessment and identified your top risks, you’ll need to then create a written plan with the appropriate controls to address these risks. You’ll also need to implement the controls from your plan into your organization’s business practices.
  3. Make sure all business associate contracts are modified by February 17, 2010—All of the added HIPAA privacy requirements applicable to covered entities will also be applicable to business associates.  As a result, all covered entities must incorporate these new requirements into their contracts with business associates by February 17, 2010 at the latest.
  4. Update policies and procedures—Take a good look at your policies and procedures and determine what needs to be updated or enhanced for compliance with HITECH. Also, business associates of HIPAA covered-entities will now be subject to HHS audits and will need to be able to produce documentation (such as policies and procedures) proving that they have formal steps in place to safeguard PHI.


House health reform bill vs. Senate bill: what’s the same and what’s different

As many of you know, the health care reform bill just recently passed in the House of Representatives, but it still needs to pass through the Senate.

This next step could prove to be very difficult as the Senate and House only agree on a few things.

Among these are:

  • A pay or play mandate for individuals: The House bill, the Senate HELP Committee bill and the Senate Finance Committee bill all require individuals to pay an annual penalty if they do not have qualifying health insurance coverage.
  • Affordability credits to lower income individuals:These credits range from 10% of the individual’s adjusted gross income (AGI) for the Senate Finance Committee bill up to 12.5% of the individual’s AGI in the Senate HELP Committee bill.
  • Expanding Medicaid by way of lowering the threshold for eligibility

Beyond these three items, there isn’t much else that the House and Senate agree on. Below are three major points of difference between the two bills.

  1. Public Option: The House bill includes a public insurance option—a government-run plan that is intended to compete with private insurers’ plans. The Senate, however, is still in the process of combining two proposals from the Finance and HELP Committees into a final bill. This final bill is expected to include the public option as well but individual states may be able to opt out of it.
  2. Cost: The House’s bill is expected to cost $1.1 trillion over the course of 10 years (which is higher than the dollar amount at which President Obama hopes to cap health care reform–$900 billion). If the cost of the Senate bill comes out to $900 billion or less, it may have a better chance of passing as the final health care reform law than the House’s bill.
  3. How the reform will be funded: To pay for all of this health care reform, the House bill will impose a 5.4% income surcharge on individuals with an AGI that exceeds $500,000 and couples with an AGI exceeding $1 million. The Senate Finance committee, however, wants to do something entirely different.

What they’ve proposed is an excise tax on high-end health plans (or so-called “Cadillac Plans”) as well a $13 billion annual tax on health insurers, and manufacturers of both pharmaceuticals and medical devices.

The Senate Finance Committee’s proposed excise tax on “Cadillac Plans” will be a 40% tax on plans with a value above: 

  • $8,000 per-year for individual coverage ($9,850 for retirees and high-risk industries)
  • $21,000 per-year for family coverage  ($26,000 for retirees and high-risk industries)

These amounts will be indexed for inflation at the CPI-U (Consumer Price Index for all urban consumers) +1%. However, in areas where the cost of living is high, considerably more plans will be taxed (even in the first year the law is implemented). Employers are already moving to more consumer-driven plans to curb healthcare costs.

Could a 40% excise tax on “Cadillac” benefits on top of a double digit rate renewal push even more employers towards high deductible plans? If so, employers will need to clearly communicate to employees how deductible plans work and also make them more aware of their healthcare spending.

To help employees out with the sticker shock of deductibles, employers may also want to consider adding tax saving instruments such as HRAs or voluntary benefits such as accident plans to help employees with high and unexpected expenses subject to their deductibles.

We’d love to discuss some of these options with you to help you figure out the plan design that will work best for your employees. So contact us via our website or call us at 617-859-1777 to get the conversation going.


Don’t you wish there was a dental insurance time machine?

So, you have a pretty bad toothache and you decide to have it checked out. You go to your dentist and find out it was a very good idea you did because guess what? You need a root canal.

Now, we all know two things for sure about root canals:

  1. They’re painful
  2. They cost a lot of money

The pain is something you’re going to have to deal with no matter what but the cost, well that’s a whole separate beast to tackle. This is especially true when you just enrolled in dental insurance a month ago and the waiting period to get a root canal is 12 months.

Now, if only you had a dental insurance time machine. That way, you could go back to a year ago, enroll in the plan and you would be able to afford your root canal today.

Unfortunately, time machines are only real in the movies, so that’s not an option. A few real options for you are:

  1. Get your root canal now and pay your dentist’s usual rate for it all out of pocket: It’ll cost you a lot of money and you won’t really be able to budget for it, plus he has his own rate and who knows how much it is?  It’s not like your dentists posts a menu of services with prices like a restaurant.
  2. Suffer for another 11 months until your insurance will cover it

So, what will you do?

Another (smart and affordable) option:

Luckily there’s a third option for people in need of immediate, affordable dental care—a discount dental plan. 

Currently, there are 40 million Americans without dental insurance and so many of them are delaying dental care, all because of cost. However, according to the American Dental Association, the best remedy against the high cost of dentistry is prevention.

Discount dental plans are unique because they provide immediate access to affordable dental care (for just a nominal monthly rate) to anyone who needs it. Perhaps your company doesn’t offer dental insurance or maybe you’re looking for a valuable voluntary benefit to offer your part-timers.

For many clients in the nonprofit sector, Universal Benefit Plans offers free employee membership to Universal Dental Plan. With this membership, our clients’ employees (whether they’re benefits eligible or not) get immediate, guaranteed 20-50% discounted rates on all dental procedures—from cleanings to crowns, even cosmetic work.  Even better, there is a published rate sheet for dental procedures that all participating dentists charge,  so you know the cost before you go to your dentist.

They also have:

  • No Claim forms
  • No Deductibles
  • No Annual Maximums (or limits on the number of procedures they can have each year)
  • No waiting periods for anything

 If you’re looking for a new way to show your employees how much you value them and help them keep a bright healthy smile for years to come, give us a call at (617) 859-1777 and see if you qualify. Or you can visit the Universal Dental Plan website at www.universaldentalplan.com.



New bill may require employers to give sick employees five paid leave days

Legislators introduced a bill last week that, if passed, would require employers to provide at least five paid sick days to employees sent home (and told to stay home) with a contagious illness. The bill is called the Emergency Influenza Containment Act and was introduced by Representative George Miller (D-CA), chairman of the House Education and Labor Committee.

If signed into law, the Emergency Influenza Containment Act would take effect 15 days after being signed and expire after 2 years.

Who would be impacted?

The Emergency Influenza Containment Act would apply to businesses with 15 or more employees. Only employees who are sent home with a contagious illness will be eligible for the five paid sick days. Employees who choose to stay home on their own would not be guaranteed paid sick days.

Why the Emergency Influenza Containment Act?

According to Representative Miller, the motivating factor behind this bill was the fact that over 40 million workers do not have paid sick days. 

Data from the Bureau of Labor Statistics reveal the following:

  • 39% of all private-sector workers don’t have paid sick days
  • Of the lowest 25% of wage earners, 63% don’t have paid sick days

On top of all this, Center for Disease Control (CDC) statistics show that a sick employee at work infects one in ten of his or her co-workers.

Will the Act really serve its purpose?

Or will more employers opt to let workers with a contagious illness simply stay at work because they can’t afford to pay them for five days of absence?

When employers simply cannot afford to lose vital employees for 5 days at a time, the best course of action to take is prevention. Encourage employees to wash hands frequently, cover their mouths when they cough or sneeze and keep all surfaces in the office germ free.

Here’s what one company is doing:

To keep up the staffing levels necessary for “business as usual” and keep employees out of work for shorter lengths of time, Fidelity Investments is offering employees just-in-case prescriptions of Tamiflu. They’ve contracted with a physicians group that will come to Fidelity’s headquarters and do screenings to see if (given each employee’s medical history) it would be appropriate to prescribe Tamiflu.

This could help employees by lessening both the duration and the severity of their flu (when taken on the first day of illness) so they can return to work sooner.



House bill could extend Federal COBRA subsidy by 6 months

The House of Representatives introduced a new bill that would extend the ARRA Act’s COBRA premium subsidy 6 months. The bill would also extend COBRA subsidy eligibility to a new group of laid off workers.

COBRA Subsidy Recap:

As you may already know, the government passed a law giving employees who  were  “involuntarily terminated” between September 1, 2008 and December 31, 2009, a 65% COBRA health care premium subsidy.  The COBRA subsidy became available to these Assistance Eligible Individuals (AEIs) March 1, 2009. AEIs could collect the subsidy for 9 months or until their COBRA eligibility ran out, whichever came first.  

If the House’s proposed bill becomes a law, here’s what would happen:

  1. The COBRA subsidy would be available to AEIs for 15 months.
  2. Individuals who were laid off between January 1, 2010 and June 30, 2010 would become eligible for the subsidy.

COBRA subsidy doubles election rate:

In the time since the ARRA Act’s COBRA subsidy became effective, the number of Assistance Eligible Individuals (AEIs) opting for COBRA coverage doubled to 38%. This is a clear message that people want health insurance and will pay for it when the premium becomes more affordable. The Obama administration is currently looking into whether or not the subsidy should be extended. 

As of now, we don’t know if it will be extended or if more workers will become eligible, but you can definitely count on us to keep you posted.


House of Representatives votes to pass the Affordable Health Care for America Act bill

By a vote of 220-215, the U.S. House of Representatives passed H.R. 3962, the Affordable Health Care for America Act bill.  This 1,990 page bill was created by merging separate health bills produced by the House Energy and Commerce, Education and Labor, and Ways and Means committees. It passed with the support of 219 Democrats and one Republican.

Here’s what the bill will do (among other things):

  • Require health insurers to sell coverage on a guaranteed issue, mostly community-rated basis.
  • Impose a 5.4% surtax on individuals with annual incomes over $500,000 and couples with annual incomes over $1 million. (This measure is designed to help the government pay for health insurance subsidies.)
  • Require all but the smallest businesses to choose between offering employees health insurance and paying an 8% payroll tax.
  • Set an annual cap of $2,500 to the amount employees can contribute to their FSAs (This cap will be adjusted for inflation as the years go on)
  • Cut Medicare provider reimbursement rates as well as support for Medicare Advantage plans

Now that the House of Representatives has passed their bill, the ball is in the Senate’s court for health care reform legislation.  The Senate is still in the process of combining drafts from the Finance Committee and Health, Education Labor and Pensions (HELP) Committee.

As overall progress towards a final health care reform bill moves along and the Senate works to pass their own bill, we’ll certainly keep you posted.



Will the CLASS Act make long-term care affordable or just make people believe it is?

The CLASS (short for Community Living Services and Support) Act, if passedwould create government-run long term care insurance available to anyone (even those who are already disabled). Currently, more than 10 million Americans need long-term care, and this number is only expected to go up as the Baby Boomer generation ages.

Here’s how the proposed plan would work.

Individuals would be automatically enrolled unless they opted out. While still actively working, they’d pay premiums in exchange for a cash benefit of at least $50 per-day in the event that they become disabled. Individuals could use this benefit to cover home care  and  adult day care services as well as assisted living and nursing home care services.

The goal of this program is to save Medicaid money and also to help seniors in need of nursing home care afford it. as The cost of nursing homes average $70,000 per-year and Medicaid only covers temporary stays.

But can we afford this?

The Congressional Budget Office estimates that the CLASS Act’s program would be fiscally solvent over a 75 year period. This is based on initial monthly premium rates of $123 (which would be adjusted for inflation as time goes on) and a $75 per-day benefit.  Individuals would need to have been paying premiums for 5 years before they could access this benefit. 

The program would begin taking premiums immediately but would not pay out any benefits until2016. Because of this, congressional budget analysts forecast that over the program’s first 10 years, it would actually reduce the Federal budget deficit on paper by $73 billion. This makes it especially attractive for lawmakers concerned with the cost of President Obama’s massive healthcare overhaul. However, with Congress voting  in 1965 to use Social Security tax revenues for purposes other than making payments to  eligible SS recipients, there are those who worry that CLASS ACT revenues may be similarly diverted. The frightening prospect of Social Security  “running out of money”  and not paying those who have been paying their taxes for years,  feeds similar fears about the Class Act program.   

And is it really a good idea for our seniors?

Or will it just confuse them? The American Council of Life Insurers says this program would do the latter.

A spokesperson for the group cited that most people already believe Medicare will cover their long-term care needs. Having a new long-term care insurance option would only add tothis false sense of security and possibly leave them financially unprepared for the real costs of care.

Supporters of the plan say that elders can use it as a base policy and buy up by adding private long-term care coverage. Just like people don’t want to live on Social Security alone, people don’t want to finance their long-term care needs with a government plan alone.

If this plan is passed, will employees no longer see the need to purchase a richer, private long-term care plan? Do they know the costs of home care, nursing home care, etc. in your city (especially in the Boston area where everything costs more than the national average)?

One thing HR professionals can consider is educating employees on the future cost of care that they’ll incur in the event that they become disabled as they age. That way they’ll know how much they’ll either need to set aside or buy in insurance.


You’re 201 CMR 17.00 compliant and that’s great but do you know how to stay compliant?

Filed under: Massachusetts encryption law — ubpblogger @ 9:24 am
Tags: ,

As you may know, Massachusetts’ upcoming law Standards for the Protection of Personal Information of Residents of the Commonwealth (201 CMR 17.00), requires all businesses that “own, license, store and maintain” personal information on any Massachusetts resident to create and implement a Written Information Security Plan (WISP).

Your WISP needs to be comprehensive and it must spell out all of your technical, physical and administrative safeguards for your personal information. If you’re company already has a WISP and it’s good to go for March 1, you’re definitely one step ahead of the game. However, you’re not off the hook just yet. You’ll need to continuously re-evaluate your plan in order to stay compliant.

Q:  The Law requires companies to evaluate their WISP for comprehensiveness and effectiveness:

A)    Once every year

B)    Once every 5 years

C)    Every time business practices change in a way that impacts personal information security

D)    Both A and C 

A:  If you answered both A and C, then you are correct. Companies required to create and implement a Written Information Security Plan (WISP) are also required to annually evaluate it and re-train employees on it as well.

They are also required to do this whenever business practices change in a way that impacts personal information security. Here’s an example.

“Well we’re movin’ on up”

Let’s say a company is doing really well, is on a trajectory for growth and decides they need to move to a new (and larger) building for more office space. At their former location, the HR department had a small office in which physical files containing employee personal information were stored. The door was only open when the HR Manager or her assistant were in the office working, at all other times it was locked and only the two of them had the key.

At their new office building, a professional cleaning crew comes in every night and vacuums the floor of each office. Because of this, the HR Manager or her assistant would now need to secure all files containing employee personal information in locked file cabinets at the end of each day. They’ll also need to ensure that only the two of them have keys to this cabinet and that all of the above measures are added to their updated WISP.

Want to learn more about the law Standards for the Protection of Personal Information of Residents of the Commonwealth (201 CMR 17.00) and the many other things you must do to get your company compliant?

Register to attend one of our free 30-minute webinars:



Blog at WordPress.com.