Compliance is always a challenge, but this holiday season, plan sponsors face a particular problem in the form of the new gag clause attestation requirement created by the
The
For purposes of this rule, a gag clause is any provision in a direct or indirect contract between a plan and a healthcare provider, network or association of providers, third-party administrator (TPA), or other service providers offering access to a network of providers that would directly or indirectly restrict a plan from:
- Providing provider-specific cost or quality of care information or data to referring providers, the plan sponsor, or plan participants;
- Electronically accessing de-identified claims and encounter information data (including on a per-claim basis) for financial information such as the allowed amount, provider information, service codes, or another other data element included in claims or encounter transactions or;
- Sharing any of the above information with business associates of the plan.
Read more:
This means that plans (and their vendors) can no longer enter contracts limiting the rights of plan sponsors, plan participants, or other vendors working on behalf of the plan to claims data.
The gag clause prohibition compliance attestation must be filed for fully insured and self-insured health plans, including ERISA, governmental and church plans. However, in the case of a fully insured plan, the attestation requirement can be fulfilled by the insured carrier on behalf of each employer plan sponsor offering coverage through its plan. Self-insured plan sponsors (including employers offering level-funded plans) remain legally responsible for their attestation whether they decide to delegate responsibility for the filing to a third party (such as a TPA) or file the attestation directly with CMS.
The actual attestation is filed through the CMS HIOS website. The plan sponsor or third-party reporting entity identifies the plan, gives certain additional demographic information and specifies which types of provider agreements are being reported on (medical, pharmacy, behavioral health, other, or all).
Read more:
An individual authorized to act on behalf of the plan must then formally attest through the system that the plan has not entered into any agreements with gag clauses since December 27, 2020 and will not do so.
The problem is this: it's tough for a plan sponsor to know what, if any, gag clauses may be out there.
First, there could be network agreements the plan sponsor has not seen (and may not even have the right to see). To help address this issue, many networks have issued "gag clause certifications" to their clients. These are useful tools but should be viewed with caution. Many employers have mistakenly assumed that receipt of such a certificate from a vendor automatically means that the employer plan is in compliance. Instead, the certifications generally state that the network the plan is using has not entered into any contracts with gag clauses. The plan sponsor still has more hurdles to clear.
Second, the plan sponsor needs to look at its direct contracts with each vendor. Do any of these contracts include gag clauses? What about confidentiality provisions or other reservations of authority to the vendor that may inadvertently or unintentionally be deemed a gag clause?
Read more:
Third, at least concerning the December 2023 filing requirement, more than just current plan vendors need to be considered. The upcoming deadline relates to any contract the plan may have entered since December 27, 2020, which could include vendors the plan no longer uses.
Finally, there isn't a "right" answer if a plan sponsor determines that they have inadvertently entered a contract with a gag clause. The gag clause prohibition attestation is mandatory, but a plan fiduciary can certainly not attest to something that is not the case. The correct answer may have to be making good-faith efforts to remove gag clauses for now.
So, where does this leave us as an industry?
It leaves us with more questions than answers. Part of the reason is that we are dealing with a hastily drafted law (December 2020 was a tumultuous time, and the CAA came together very quickly). As a result, certain employers may face situations where it is, in fact, impossible to be "fully compliant." Instead, they should strive to be "as compliant as possible."