Headlines about "Technology"
Gathered from the web by the editors at BenefitsLink.com.
FCC Seeks Comments on Use of Broadband to Promote Health Care Delivery and Services
Excerpt: "Comments in response to the FCC's public notice on health care issues are due December 4, 2009. The Federal Communications Commission (FCC) has formally requested comments from the health care sector on ways in which broadband and other advanced communications services can be used to promote better health outcomes and the more efficient delivery of health care services. The FCC intends to use these comments to assist in its development of a National Broadband Plan to be presented to Congress in February 2010. Among other things, Congress has directed the FCC to include in its National Broadband Plan 'a plan for the use of broadband infrastructure and services in advancing health care delivery.'" (McDermott Will & Emery)
[Guidance Overview] 2008 Form 5500 Information on Defined Benefit Pension Plans Must Be Posted on Company Intranet
Excerpt: "Employers with defined benefit pension plans that have recently filed a 2008 Form 5500 should address the [disclosure] issues immediately to determine if the posting obligation applies to them, and if so, how to best comply with this new disclosure obligation. At a minimum, employers with an intranet site must make the required information available on the site as soon as possible in order to be in compliance." (Pillsbury Winthrop Shaw Pittman LLP)
Little Benefit Seen, So Far, in Electronic Patient Records, According to Study
Excerpt: "[A] new study comparing 3,000 hospitals at various stages in the adoption of computerized health records has found little difference in the cost and quality of care. 'The way electronic medical records are used now has not yet had a real impact on the quality or cost of health care,' said Dr. Ashish K. Jha, an assistant professor at the Harvard School of Public Health, who led the research project." (The New York Times; free registration required)
Social Security's Recent Enhancements to Online Retirement Estimator
Excerpt: "Michael J. Astrue, Commissioner of Social Security, today announced that the online Retirement Estimator, available at www.socialsecurity.gov/estimator, now can provide immediate and personalized benefit estimates to people who have enrolled in Medicare but have not yet filed for Social Security benefits. Previously, these 'Medicare only' beneficiaries would need to contact a local office in order to obtain an estimate of their benefits." (U.S. Social Security Administration)
[Guidance Overview] HHS's Interim Final Rule Conforming HIPAA Civil Money Penalties to HITECH Act Requirements
Excerpt: "The new HIPAA civil money penalties scheme substantially increases the potential penalties for HIPAA violations occurring on or after February 18, 2009." (McDermott Will & Emery)
Health Care Companies Not Ready for HITECH Act Compliance, According to Survey
Excerpt: "A new survey reveals most health care organizations are not properly prepared to deal with pending privacy and security compliance regulations required under the Health Information Technology for Economic and Clinical Health Act. More than 90 percent of health care companies are not ready to comply with the privacy and security provision of the Health Information Technology for Economic and Clinical Health Act, according to a survey conducted by the Ponemon Institute and sponsored by Crowe Horwath." (eWEEK.com)
[Guidance Overview] The DOL's New FAQ on Credentials for EFAST2
Excerpt: "To eliminate any doubt as to its position regarding sharing filing signer credentials, the Department of Labor (DOL) added a new FAQ to the series of EFAST2 FAQs it issued in late August . . . . The new FAQ followed closely on the heels of instructions the DOL provided to third party software developers in which they reminded software developers of their obligation to protect the integrity and privacy of the electronic signatures." (SunGard Relius)
Research Shows Attaching a Debit Card to an HSA Is Key Driver of Enrollment
Excerpt: "The debit card 'adoption and use continue to grow and grow rapidly,' says Jody Dietel, a compliance officer at WageWorks, a San Mateo, Calif.-based firm that administers flexible spending accounts, health savings accounts, health reimbursement arrangements and health care cards. 'The technology is increasing and improving rapidly. [The debit cards] continue to be a widely adopted and widely appreciated tool for consumers.'" (Employee Benefit News; free registration required)
[Guidance Overview] HHS's Increases in Civil Monetary Penalties for HIPAA Violations
Excerpt: "On October 30, 2009, the Department of Health and Human Services (HHS) published an interim final rule that significantly amends the civil monetary penalty guidelines for violations of the Health Insurance Portability and Accountability Act (HIPAA) (the 'Interim Final Rule'). These amendments, mandated by the Health Information Technology for Economic and Clinical Health Act (HITECH Act), become effective on November 30, 2009, but apply to violations occurring on or after February 18, 2009." (Troutman Sanders LLP)
Tweeting Health Benefits . . . in 140 Characters or Fewer
Excerpt: "Benefits managers are getting over their aversion to talking publicly about health benefit plans and using social media to cut through the clutter of information and connect with employees." (Workforce Management; free registration required)
[Guidance Overview] DOL's Supplemental FAQs about 2009 Form 5500 Schedule C Fee Disclosure Rules
Excerpt: "This new guidance takes the form of additional answers to frequently asked questions (FAQs), which supplement both the instructions to Schedule C and a set of FAQs released by the DOL in July 2008 (the 2008 FAQs). In general, the new FAQs clarify a number of technical issues and provide additional support for answers given in the 2008 FAQs." (Morgan, Lewis & Bockius LLP)
[Guidance Overview] Form 5500 E-Signature PINs May Not Be Shared with Preparers
Excerpt: "The DOL has clarified that 5500 filing signers (plan administrators) may not share their EFAST2 PIN with 5500 preparers and that no formalized hardship process will be established for EFAST 2 signers without access to the internet." (Fort William LLC)
On Using Texting for Communications on Savings
Excerpt: "A new study by a group of economists looking at why people save money found that sending out text reminders to participants cell phones increased savings balances by 6%. According to a Dow Jones news report, the study challenges the idea that people don't have enough self-control to save. Instead Dartmouth University economics professor Jonathan Zinman, one of the study's four authors, said savings just isn't at the top of people's minds. 'Basically all we did was remind them,' he said. The study also found that while positive or negative language didn't have a significant effect on the savings rate, mentioning a customer's specific goal did. In addition, when reminders mentioned incentives offered by the bank for consistent deposits, bank savings increased by almost 16%, the news report said." (PLANSPONSOR.com; free registration required)
5 Tips in Using Retirement Planning Tools
Excerpt: "Retirement planning software is available for free on several major investment and retirement websites. But according to a recent analysis sponsored by the Pension Research Council, these programs do an inconsistent and often poor job." (U.S. News & World Report)
E-Health Privacy Regulations Draw Congressional Fire
Excerpt: "The U.S. Department of Health and Human Services issued an interim final rule to beef up penalties for violations of the Health Insurance Portability and Accounting Act (HIPAA), as several Congressmen criticize the agency for leaving dangerous loopholes in the law." (Information Week)
[Guidance Overview] Health Risk Assessments Face Bias Hurdle
Excerpt: "Under IRS rules associated with the Genetic Information Nondiscrimination Act, employers are prohibited from collecting genetic information -- defined as family medical history -- in health risk assessments if that information will be used for 'underwriting' purposes. That includes offering employees discounts on their monthly premium contributions or lowering deductibles for completing a health risk assessment." (Workforce Management)
[Official Guidance] Text of Revised HHS Enforcement Regulations Implementing HITECH Act Provisions, Revised Limits on Administrative Simplification Rule Enforcement (PDF)
Excerpt: "[T]his interim final rule amends HIPAA's enforcement regulations, as they relate to the imposition of civil money penalties, to incorporate the HITECH Act's categories of violations, tiered ranges of civil money penalty amounts, and revised limitations on the Secretary's authority to impose civil money penalties for established violations of HIPAA's Administrative Simplification rules (HIPAA rules). This interim final rule does not make amendments with respect to those enforcement provisions of the HITECH Act that are not yet effective under the applicable statutory provisions. Such amendments will be subject to forthcoming rulemaking(s)." (U.S. Department of Health and Human Services)
HHS Unveils Online Form for Reporting HIPAA Health Information Breaches
Excerpt: "To report breaches of protected health information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA), health plans and other covered entities subject to the law's privacy requirements must use a new online form on the HHS website. HIPAA changes enacted by the 2009 HITECH Act require group health plans to report PHI breaches to HHS, even if the breach originated with a vendor or elsewhere. Initial reports of breaches affecting fewer than 500 people are due March 1, 2010." (Mercer LLC)
[Opinion] HHS Breach Notification Rules Again Under Fire
Excerpt: "The Center for Democracy and Technology is the latest to find fault with the Department of Health and Human Services' data breach rules for personal health records. Under the current interim rules health care organizations that use encryption or destruction, no breach notification is necessary, but for those who don't, the health organization makes the call on whether the breach is harmful enough to trigger a breach notification. The Department of Health and Human Services should replace its controversial harm standard for triggering a personal health record data breach notification with a risk assessment approach that requires organizations to determine whether the data was actually viewed or acquired by an unauthorized person, according to the Center for Democracy and Technology." (eWEEK.com)
EBSA Webcast to Address Form 5500 Issues
Excerpt: "[T]he Department of Labor's Employee Benefits Security Administration (EBSA) says that an important part of the discussion will focus on the Schedule C and the impact on 403(b) plans. The U.S. Department of Labor's Employee Benefits Security Administration (EBSA) says it will host a free webcast November 5 to help employers, plan administrators and service providers prepare for changes to the Form 5500 and electronic filing requirement that begin with the 2009 plan year filings. According to the announcement, this third webcast will provide more details about preparing the Form 5500 and getting ready for the new electronic filing system. In addition, EBSA staff will address questions received from the public and provide practical tips for using the new ERISA Filing Acceptance System ? known as EFAST2. EFAST2 will receive only electronic filing submissions. The Web cast is scheduled for November 5 from 2:00 to 4:00 p.m. EST. Registration is required and available on a first-come, first-served basis. You can so do at http://www.dol.gov/ebsa . . . ." (planadviser)
[Opinion] American Benefits Council Comments on Interim Final Rule on Breach Notification for Unsecured Protected Health Information (PDF)
4 pages. Excerpt: "The Council strongly supports the 'harm threshold' HHS adopted in its Interim Final Rule, requiring a covered entity to consider a number of factors to determine whether a particular disclosure poses a 'significant risk of financial, reputational, or other harm to the individual.' 45 CFR 164.402 (definition of 'breach'). If a disclosure meets the 'harm threshold,' the covered entity is required to provide notice to the affected individuals, the media (where applicable) and HHS." (American Benefits Council)
[Guidance Overview] 403(b) Plans and EFAST2
Excerpt: "This article focuses on how EFAST2 will affect the Form 5500 filing requirements for 403(b) plans. In addition, the article discusses the DOL's changes to the Form 5500 filing requirements for 403(b) plans." (SunGard Relius)
Telework Programs Can Provide Myriad Benefits If Companies Get the Appropriate Policies in Place
Excerpt: "Technology has enabled telework programs to evolve beyond images of people dialing up in pajamas to remote workers tapping advanced collaboration tools that increase productivity and ensure business continuity. In some cases, disaster recovery plans have spawned well-structured and documented telework programs. But at the majority of companies, there are no formal telework policies in place, even as more and more workers go mobile. . . . Here are 10 simple steps that can help organizations advance their telework programs from ad hoc to admirable." (Network World)
[Guidance Overview] Summary of and Suggested Action Steps to Address the GINA Interim Final Regulations
10 pages. Excerpt: "Employers whose plans include wellness, health risk assessments and/or disease management will be most affected by the new rules. Detailed action steps will depend on the specifics of the employer's health care program, but some general action steps will apply to many group health plans: . . ." (Gallagher Benefit Services)
[Guidance Overview] GINA Impacts Employer Health Plans and Use of HRAs (PDF)
Excerpt: "While consideration may be given to eliminating requests for genetic information from any HRAs entirely, employers may alternatively consider bifurcating the HRA so as to eliminate requests for genetic information where premium rewards or rebates are offered, while offering a separate voluntary HRA that would request genetic information (without any rewards, and after open enrollment). While we understand that any design changes at this time of year may be disruptive to employers' health plan administration as well as the open enrollment process, these changes may nonetheless be necessary when such a significant regulation impacting wellness programs is issued so late in the year." (Aon Consulting)
[Guidance Overview] Regulations on Genetic Information Nondiscrimination Affect Use of Health Risk Assessments, Other Programs (PDF)
Excerpt: "Interim final regulations have the weight of final regulations but are subject to future modification. Unfortunately for plan sponsors, the interim regulations leave little time for coming into compliance." (Buck Consultants)
[Guidance Overview] New HIPAA Breach Notification Rules
Excerpt: "Rather than waiting for a breach to occur and then reacting in a panic, best practice is to proactively act now to establish notice procedures, maintain breach logs, revise business associate agreements, train employees and update privacy procedures." (Briggs and Morgan P.A.)
It's Time for HIPAA Covered Entities to Update Their Policies on the Use of Cell Phones and Cameras
Excerpt: "Covered entities (CEs) should review and update their policies on cell phones and cameras and make the rules clear and highly visible to employees, patients and visitors . . . . Technology and social networking sites are simple to use and very widespread. A person can take a picture with an iPhone and post it to his or her Facebook page in an instant." (AISHealth.com)
Congressmen Want HIPAA Harm Threshold Eliminated
Excerpt: "Six members of the House of Representatives signed a letter written to HHS Secretary Kathleen Sebelius that urges HHS to repeal or revise the harm standard provision in HHS' interim final rule on breach notification. . . . The Congressmen, all but one of whom are Democrats, wrote they are 'deeply concerned' about the harm provision because it gives covered entities and business associates (BAs) a 'breadth of discretion' as they determine the level of harm to an individual whose PHI was inappropriately disclosed." (HealthLeaders Media)
[Guidance Overview] HHS's Reporting Form for HIPAA Breaches
Excerpt: "[The Department of Health and Human Services] has now published an online form for reporting breaches of unsecured PHI. The HHS form provides a checklist for plan sponsors who experience a breach of unsecured PHI. Plan sponsors can use the form to help them track breaches and to assure that appropriate preventive measures are in place." (The Segal Group, Inc.)
[Guidance Overview] Breach Notification Under the HITECH Act: Action Points for Employers Who Sponsor Self-Insured Group Health Plans (PDF)
Excerpt: "Because the Rule is currently effective and because sanctions will be imposed by HHS for failure to provide required notifications for breaches that are discovered on or after February 22, 2010, what should employers who sponsor self-insured group health plans begin doing now to comply?" (Porter Wright Morris & Arthur LLP)
[Guidance Overview] Will My Client Be Able To Navigate IFILE? More FAQs on EFAST2
Excerpt: "[Addressed here are] the issues and procedures with which the 5500 preparers and plan sponsors will need to familiarize themselves to make the transition to electronic filing. Many 5500 preparers expect the transition to mandatory electronic filing to be difficult. The primary reason for this concern is that clients (plan sponsors) will need to obtain and enter filing signer credentials electronically. Some 5500 preparers also are considering preparing the Form 5500 (in this article, references to Form 5500 include the schedules and attachments) on their desktop software and then sending it to their client to file using the DOL's IFILE system. In this article, we address the issues that a 5500 preparer will need to consider in determining whether having the client file under IFILE is a feasible option." (SunGard Relius)
Research Shows Attaching a Debit Card to an HSA Is Key Driver of Enrollment
Excerpt: "Nearly everyone is familiar with swiping a card to pay for groceries, gas and movie tickets. That familiarity, ease and convenience is helping the growth of debit cards for health savings accounts, which patients can use to pay for their pharmaceuticals, copays, medical equipment and hospital expenses. The debit card 'adoption and use continue to grow and grow rapidly,' says Jody Dietel, a compliance officer at WageWorks, a San Mateo, Calif.-based firm that administers flexible spending accounts, health savings accounts, health reimbursement arrangements and health care cards. 'The technology is increasing and improving rapidly. [The debit cards] continue to be a widely adopted and widely appreciated tool for consumers.'" (Employee Benefit News; free registration required)
[Guidance Overview] HIPAA Obligations Create Legal Challenges
Excerpt: "Until Sept. 23, when consumers' health information was accidentally disclosed, they might not have known about it. But under the new regulation, breaches must be reported to the Department of Health and Human Services and to the individuals affected. If providers cannot locate them, they must report the violation on their Web site and to the local media. The media must also be notified if a breach affects more than 500 individuals. Here's where the regulation gets a little murky . . . . It's left up to the businesses themselves to make fact-based determinations as to whether notification is necessary, based on whether there has been a 'significant risk of financial, reputational, or other harm' to the patient. 'It's a bit of a judgment call. We're waiting to see what that turns out as,' . . . ." (Wisconsin Law Journal)
[Official Guidance] Text of Proposed HHS Regs on GINA Changes to HIPAA Privacy Rule (PDF)
13 pages. Excerpt: "In accordance with section 105 of GINA 2 and the Department's general authority under sections 262 and 264 of HIPAA, the Department proposes to modify the HIPAA Privacy Rule to: (1) Explicitly provide that genetic information is health information for purposes of the Rule; (2) prohibit health plans from using or disclosing protected health information that is genetic information for underwriting purposes; (3) revise the provisions relating to the Notice of Privacy Practices for health plans that perform underwriting; (4) make a number of conforming modifications to definitions and other provisions of the Rule; and (5) make technical corrections to update the definition of 'health plan.'" (U.S. Department of Health and Human Services)
[Official Guidance] Text of GINA Regulations from U.S. Department of Health and Human Services, IRS, DOL (PDF)
35 pages, from Federal Register of October 7, 2009; 'Prohibiting Discrimination Based on Genetic Information; Interim Final Rules; HIPAA Administrative Simplification; Genetic Information Nondiscrimination Act; Proposed Rules" (U.S. Department of Health and Human Services, Internal Revenue Service, U.S. Department of Labor)
[Guidance Overview] HITECH Breach Notification Guidance and Employer Next Steps (PDF)
7 pages. Excerpt: "Significant new data security obligations apply to employer health plans under the Health Information Technology for Economic and Clinical Health Act (HITECH) that was enacted February 17, 2009 as part of the American Recovery and Reinvestment Act of 2009. . . . To avoid potentially significant notice requirements, plan sponsors will need to review their current policies, procedures, and safeguards under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and decide how best to proceed." (Aon Consulting)
[Guidance Overview] Online Form and Instructions Available for Reporting Breaches of Unsecured PHI to HHS
Excerpt: "EBIA Comment: Covered entities (including health plans) will likely appreciate this relatively straightforward form, as well as the ability to complete and file it online. It is worth noting that, for breaches affecting more than 500 individuals, ARRA requires that some of the information provided on this form be made publicly available by posting on the HHS website. ARRA also requires that OCR provide an annual report to Congress regarding the number and nature of breaches that are reported each year and the actions taken to respond to such breaches." (Employee Benefits Institute of America)
Massachusetts Takes on Identity Theft; Get Ready for the New Data Security Requirements (PDF)
Excerpt: "On August 17, 2009, the Commonwealth of Massachusetts issued new data security rules that will affect employers with workers who live in Massachusetts and businesses that serve Massachusetts residents. The rules, which are now scheduled to take effect on March 1, 2010, will require companies that touch personal information of Massachusetts residents to provide certain minimum safeguards to protect the information from unauthorized access, disclosure or misuse." (Buck Consultants)
[Official Guidance] EBSA Fact Sheet on The Genetic Information Nondiscrimination Act of 2008 (GINA)
Excerpt: "The Genetic Information Nondiscrimination Act of 2008 (GINA) prohibits discrimination in group health plan coverage based on genetic information. GINA is effective for plan years beginning after May 21, 2009 (January 1, 2010 for calendar year plans). Regulations implementing the provisions of GINA were made public on October 1, 2009." (Employee Benefits Security Administration, U.S. Department of Labor)
[Official Guidance] Interim Final Rules Prohibiting Discrimination Based on Genetic Information in Health Insurance Coverage and Group Health Plans (PDF)
137 pages. Excerpt: "This document contains interim final rules implementing sections 101 through 103 of the Genetic Information Nondiscrimination Act of 2008. These provisions prohibit discrimination based on genetic information in health insurance coverage and group health plans. . . . For the group market, these regulations become applicable to plans and issuers on the first day of the plan year beginning on or after [INSERT DATE 60 DAYS AFTER PUBLICATION IN THE FEDERAL REGISTER]. For the individual market, these regulations become applicable with respect to health insurance coverage offered, sold, issued, renewed, in effect, or operated in the individual market on or after [INSERT DATE 60 DAYS AFTER PUBLICATION IN THE FEDERAL REGISTER]." (IRS, DOL, HHS)
[Guidance Overview] Mental Health Parity: Is Your Health Plan Ready?
Excerpt: "A number of legislative and regulatory changes affecting group health plans recently have or soon will become effective in the 15 months between October 1, 2008, and January 1, 2010 [including]: * The COBRA subsidy; * Michelle's Law; * Genetic Information Nondiscrimination Act; * Special enrollment rights for persons losing CHIP or Medicare coverage or obtaining premium assistance from a state under a CHIP or Medicare program; * HIPAA privacy and security changes, including a breach notification requirement; * Final cafeteria plan regulations; and * Changes in state health insurance laws, such as the expansion of the available continuation coverage period from 18 to 36 months (New York) and modifications to the Massachusetts Health Care Reform Act. [In addition, the] Mental Health Parity and Addiction Equity Act of 2008 . . . becomes effective for plan years beginning after October 3, 2009 (a special rule applies to collectively bargained plans). Thus, the effective date is January 1, 2010, for calendar year plans." (Jackson Lewis)
[Guidance Overview] DOL Releases New FAQs on All-Electronic Form 5500 Filing Under EFAST2
Excerpt: "The DOL's EFAST website now contains 45 FAQs addressing EFAST2, the all-electronic filing system for Form 5500 that is scheduled to be available beginning January 2010. As background, final DOL regulations issued in 2007 require that all Form 5500s be filed electronically for plan years beginning on or after January 1, 2009. (Because Form 5500 is generally due by the end of the seventh month following the end of the plan year, the vast majority of plan filers will have until at least July 2010 to make the changes necessary to allow electronic filing (without extensions).)" (Employee Benefits Institute of America)
[Guidance Overview] Data Mining Coalition Battles for Prescription Data
Excerpt: "In IMS Health Inc. v. Ayotte, 550 F.3d 42 (1st Cir. N.H. 2008), cert. den., 129 S. Ct. 2864 (2009) the First Circuit upheld a Hampshire law that among other things prohibited certain transfers of physicians' prescribing histories for use in marketing drugs to physicians. A similar battle is now underway in the Second Circuit Court of Appeals over a Vermont statute. In IMS et al v. Sorrells a coalition of data mining entities seek to overturn an decision by the district court (IMS Health Inc. v. Sorrell, 2009 U.S. Dist. LEXIS 35594 (D. Vt.) (2009)) upholding the Vermont law. The Electronic Privacy Information Center (EPIC) has filed an amicus brief urging the Second Circuit to affirm the decision." (Roy Harmon III via Health Plan Law)
[Guidance Overview] DOL's 45 FAQs on EFAST2
Excerpt: "[In this article, the responses in the DOL's EFAST FAQs on] the issues and procedures with which the 5500 preparers and plan sponsors will need to familiarize themselves to make the transition to electronic filing [are summarized]." (SunGard Relius)
[Guidance Overview] New HITECH Changes to HIPAA Require Action by Group Health Plans: September 23, 2009 Effective Date
Excerpt: "The Health Information Technology for Economic and Clinical Health Act ('HITECH'), a part of the American Recovery and Reinvestment Act of 2009, imposes a new duty on covered entities (including group health plans) to notify affected individuals and, in some cases, the media and the Department of Health and Human Services ('HHS'), of a breach of unsecured protected health information ('PHI'). As required by HITECH, HHS issued regulations on August 24, 2009 providing more detail regarding this new duty. The regulations are effective September 23, 2009 but, as noted . . ., HHS will not impose sanctions for breaches discovered during the 180-day period beginning on the issue date." (Sonnenschein Nath & Rosenthal LLP)
[Guidance Overview] What Constitutes a Breach under the HIPAA HiTech Breach Notification Requirements (PDF)
Excerpt: "This advisory focuses on identifying a breach and whether possible exceptions apply. . . . Practice Pointer: Although business associates and covered entities have slightly different notice obligations,each must be able to identify 'breaches' in order to satisfy its respective notice obligations." (Alston & Bird LLP)
[Guidance Overview] Group Health Plan Sponsors Should Be Aware of Changes Made by the HITECT Act
Excerpt: "The Health Information Technology for Economic and Clinical Health Act (the 'HITECH Act'), which was part of the American Recovery and Reinvestment Act of 2009, made some significant changes to the privacy and security rules. Most of the changes are effective on, or after February 17, 2010, although some of the requirements have earlier or later effective dates. The new requirements under the HITECH Act are described [in the target page]. Sponsors of group health plans should familiarize themselves with the changes and begin to take steps to comply with the new requirements." (Snell & Wilmer LLP.)
[Guidance Overview] DOL Approval of First Commercial Software Vendor for All-Electronic Form 5500 Filing Under EFAST2
Excerpt: "EBIA Comment: After being postponed twice in response to public comment, the effective date for mandatory electronic filing is now just around the corner. The 2009 approved software list is therefore another reminder to employers, Form 5500 preparers, and advisors to step up their planning for all-electronic filing under EFAST2. To help with this transition, the DOL has presented two webcasts on 2009 Form 5500 using EFAST2, both of which are also available on the EFAST website. Among the topics addressed in these webcasts is the process for registering for electronic credentials, through which the user ID, pin, and password used to sign and transmit a completed Form 5500 to EFAST2 can be obtained." (Employee Benefits Institute of America)
[Guidance Overview] New Standards for Breaches of Health Plan Participant Unsecured Protected Health Information
Excerpt: "The new regulations are effective for breaches occurring on and after September 23, 2009, and provide employers with much-needed guidance in determining: (1) whether a 'breach' has occurred; (2) exactly when notices to the media are needed and how they are to be provided; and (3) how HHS thinks the new federal rules will work in conjunction with existing state notice requirements. HHS does indicate, however, that through March 2010, it will not impose penalties for failing to comply with the rules . . . ." (Ogletree Deakins)
[Official Guidance] Interim Final Regs: Breach Notification for Unsecured Protected Health Information (PDF)
32 pages. Excerpt: "[T]he [HITECH] Act requires HHS to issue interim final regulations within 180 days to require covered entities under [HIPAA] and their business associates to provide notification in the case of breaches of unsecured protected health information. For purposes of determining what information is 'unsecured protected health information,' in this document HHS is also issuing an update to its guidance specifying the technologies and methodologies that render protected health information unusable, unreadable, or indecipherable to unauthorized individuals." (U.S. Department of Health and Human Services)
[Official Guidance] DOL Begins to Approve EFAST2 Software Vendors for 2009 Form 5500
ftwilliam.com is the first vendor to obtain EFAST2 approval, for the 2009 Form 5500. Excerpt: "EBSA will list on this Web site the private sector companies who have developed software that has been approved for use in transmitting and/or completing the Form 5500 and Form 5500-SF under the EFAST2 system. . . . Information on these products and their vendors' is provided for the convenience of filers. The U.S. Department of Labor does not endorse or warrant these companies, their products, or their services." (Employee Benefits Security Administration, U.S. Department of Labor)
[Guidance Overview] EFAST2 Developer's Conference: Information for 5500 Preparers
Excerpt: "In our continuing series of FAQs on EFAST2, we are addressing the issues and procedures with which 5500 preparers and plan sponsors will need to familiarize themselves to make the transition to electronic filing. On August 12th, the DOL, the IRS, and Vangent (the private contractor developing EFAST2) presented an EFAST2 developer's conference. Although much of the discussion centered on issues for software developers, the DOL, the IRS and Vangent shared some important information regarding EFAST2 that we thought we would pass on to 5500 preparers." (SunGard)
Social Security to Pay Millions in Back Benefits to People Flagged in Screening
Excerpt: "The Social Security Administration has agreed to pay more than $500 million in back benefits to more than 80,000 recipients whose benefits were unfairly denied after they were flagged by a federal computer program designed to catch serious criminals, officials said Tuesday. According to a preliminary agreement, approved Tuesday by U.S. District Court Judge Claudia Wilken in Oakland, Calif., the Social Security Administration will pay recipients who have been denied benefits since Jan. 1, 2007. In addition, more than 120,000 recipients who were denied benefits before 2007 are eligible to apply for reinstatement." (The Washington Post via AARP)
[Guidance Overview] Electronic Delivery of Plan Information (PDF)
Excerpt: "DOL regulations govern electronic delivery of certain information, including Summary Plan Descriptions and Summaries of Material Modifications. IRS regulations govern electronic delivery of other information, including loan documentation, distribution option notices, rollover notices, and beneficiary designations. In general, the IRS electronic disclosure regulations are less stringent than the DOL electronic disclosure regulations with respect to affirmative consent requirements imposed on potential recipients." (Trucker Huss)
Technology Diffusion in Health Care
Excerpt: "Health care spending in the U.S. accounts for 16 percent of GDP, a much larger share than in other developed countries. Is this money well spent? On the one hand, several studies have concluded that increases in health care spending over time have yielded dramatic increases in life expectancy. Yet other studies have found that there are marked differences in spending across hospitals and regions and that higher spending is not associated with better outcomes. These latter studies suggest that there are inefficiencies in the U.S. health care system and that the U.S. may be on the 'flat of the curve' of the medical production function." (National Bureau of Economic Research)
[Guidance Overview] HHS Delegates Authority for Administration and Enforcement of HIPAA Security Rule to Office for Civil Rights
Excerpt: "EBIA Comment: Given that administration and enforcement of the privacy and security rules are naturally intertwined, the shift to consolidate authority under a single office within HHS makes practical sense. Whether this signals an adoption of a stricter attitude or approach toward enforcement remains to be seen. It is worth noting that the American Recovery and Reinvestment Act of 2009 (ARRA) mandated improved enforcement of the privacy and security rules . . . ." (Employee Benefits Institute of America)
Utah Health Exchange, Web Site Where Individuals and Businesses Can Compare and Buy Health Plans, Goes Live August 19
Excerpt: "A cornerstone of the state's health reform plans, the Utah Health Exchange marks the beginning of a defined contribution market, portable health coverage -- and giving Utahns more of a say in their health care. Only the second health insurance exchange to be developed in the country -- Massachusetts pioneered the first -- the Utah Health Exchange was created by HB 188. Signed into law by Gov. Jon Huntsman Jr. in March, it's one of four health reform bills designed to improve the affordability and accessibility of policies, and make the market more transparent." (The Salt Lake Tribune)
[Guidance Overview] Is Electronic Disclosure of Benefit Plan Documents an Option for You?
Excerpt: "Whether their goal is cost-cutting, educating employees, going green, accommodating tech-savvy employees or some combination of these, employers have been increasingly asking: Can we distribute benefit plan documents and other notices required by Title I of ERISA electronically? The short answer is, yes -- in some cases. The longer answer is that electronic disclosure is permitted as long as the employer uses a method reasonably calculated to ensure actual receipt of the information." (Warner Norcross & Judd LLP)
[Guidance Overview] Securing Data Under the New HIPAA Amendments
Excerpt: "Similar to security breach notification laws that have been enacted in more than 40 states, the HIPAA breach notification law requires that if an employer's self-insured health plan experiences a data breach involving individually identifiable health information about plan participants (known as Protected Health Information or PHI), the employer must notify those individuals whose data is involved in the breach. Unlike state laws, which generally apply only to electronic data, the HIPAA breach notification law applies to data in any form, which includes paper documents and even verbal communications. Thus, a duty to notify could arise in the following circumstances: A hacker penetrates your firewall and accesses and possibly acquires a database of health plan participants; An employee goes snooping through health plan records to find information about a co-worker; A manager accesses health plan records to make personnel decisions about employees; An employee e-mails records containing PHI to the wrong e-mail address; An employee discusses a participant's health condition with other employees . . . ." (Warner Norcross & Judd LLP)
The links shown above have been gathered from the web by the editors at BenefitsLink.com. Each article's publisher is shown above in parentheses. Opinions expressed in each article are those of the article's publisher, not necessarily those of BenefitsLink.com, Inc. or any web site that displays these headlines in a "frame." You should contact the listed publisher for copyright information about any particular article or to inquire into the right to use the article in any manner.