With Thanksgiving only two days away, the Departments of Health and Human Services, Labor and the Treasury (collectively, the "Departments") jointly released proposed rules on wellness programs to reflect the changes to existing wellness provisions made by the Affordable Care Act (ACA). The proposed rules would be effective for plan years starting on or after January 1, 2014.

The proposed rules would retain many of the existing rules pertaining to "participatory wellness programs" (generally, programs providing rewards without regard to an individual’s health status) and "health-contingent wellness programs" (generally, programs that require individuals to meet a specific standard related to their health to obtain a reward). However, the Departments propose a number of changes, some of which are summarized below. They also seek comments from employers and others on a range of issues concerning wellness programs which must be submitted approximately 60 days from the date of this post.

What are some of the key changes:

  • In addition to implementing the statutory change in the ACA that increases the maximum permissible reward under a health-contingent wellness program from 20 percent to 30 percent of the cost of health coverage, the Departments would further increase the maximum reward to 50 percent for programs designed to prevent or reduce tobacco use.
  • If a reasonable alternative standard is an educational program, the plan cannot require individuals to find such a program on their own, nor may the plan require individuals to pay for the program. Similarly, in the case of diet programs, while the plan does not have to cover the cost of food, it must pay the cost of admission to the program.
  • The Departments would continue to permit employers to obtain physician verification that an individual’s health factor makes it unreasonably difficult for the individual to satisfy, or medically inadvisable for the individual to attempt to satisfy, the otherwise applicable standard, provided doing so is reasonable as required under the ACA. The regulations propose that it would not be reasonable for a plan to seek verification of a claim that is obviously valid based on the nature of the individual’s known medical condition.
  • In order to be reasonably designed to promote health or prevent disease, where the initial standard for the reward is based on a measurement, test or screening, programs would be required to offer a different, reasonable means of qualifying for the reward to any individual who does not meet the standard based on the measurement, test or screening.
  • The proposed regulations also confirm that adverse benefit determinations dealing with whether a participant or beneficiary is entitled to a reasonable alternative standard for a reward are situations eligible for Federal external review under the ACA claims and appeals procedures.
  • The Departments would also provide new language to communicate to program participants the opportunity for a reasonable alternative to achieving the reward under the program:

Your health plan is committed to helping you achieve your best health status. Rewards for participating in a wellness program are available to all employees. If you think you might be unable to meet a standard for a reward under this wellness program, you might qualify for an opportunity to earn the same reward by different means. Contact us at [insert contact information] and we will work with you to find a wellness program with the same reward that is right for you in light of your health status.

Over the past few years, many employers have implemented wellness programs hoping to provide employees opportunities to enhance their health, manage unhealthy behaviors and control plan costs. The Departments are hopeful that once final the regulations will provide clarity to some of the biggest challenges facing wellness programs, although some critical issues remain for employers, including the effects of other laws, such as the Americans with Disabilities Act, the Genetic Information Nondiscrimination Act, federal and state privacy laws, and off-duty activity laws. For this reason, employers may want to take advantage of the opportunity to submit comments concerning these programs in the hope of shaping the law to suit their needs. 

Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Joseph J. Lazzarotti Joseph J. Lazzarotti

Joseph J. Lazzarotti is a principal in the Berkeley Heights, New Jersey, office of Jackson Lewis P.C. He founded and currently co-leads the firm’s Privacy, Data and Cybersecurity practice group, edits the firm’s Privacy Blog, and is a Certified Information Privacy Professional (CIPP)…

Joseph J. Lazzarotti is a principal in the Berkeley Heights, New Jersey, office of Jackson Lewis P.C. He founded and currently co-leads the firm’s Privacy, Data and Cybersecurity practice group, edits the firm’s Privacy Blog, and is a Certified Information Privacy Professional (CIPP) with the International Association of Privacy Professionals. Trained as an employee benefits lawyer, focused on compliance, Joe also is a member of the firm’s Employee Benefits practice group.

In short, his practice focuses on the matrix of laws governing the privacy, security, and management of data, as well as the impact and regulation of social media. He also counsels companies on compliance, fiduciary, taxation, and administrative matters with respect to employee benefit plans.

Privacy and cybersecurity experience – Joe counsels multinational, national and regional companies in all industries on the broad array of laws, regulations, best practices, and preventive safeguards. The following are examples of areas of focus in his practice:

  • Advising health care providers, business associates, and group health plan sponsors concerning HIPAA/HITECH compliance, including risk assessments, policies and procedures, incident response plan development, vendor assessment and management programs, and training.
  • Coached hundreds of companies through the investigation, remediation, notification, and overall response to data breaches of all kinds – PHI, PII, payment card, etc.
  • Helping organizations address questions about the application, implementation, and overall compliance with European Union’s General Data Protection Regulation (GDPR) and, in particular, its implications in the U.S., together with preparing for the California Consumer Privacy Act.
  • Working with organizations to develop and implement video, audio, and data-driven monitoring and surveillance programs. For instance, in the transportation and related industries, Joe has worked with numerous clients on fleet management programs involving the use of telematics, dash-cams, event data recorders (EDR), and related technologies. He also has advised many clients in the use of biometrics including with regard to consent, data security, and retention issues under BIPA and other laws.
  • Assisting clients with growing state data security mandates to safeguard personal information, including steering clients through detailed risk assessments and converting those assessments into practical “best practice” risk management solutions, including written information security programs (WISPs). Related work includes compliance advice concerning FTC Act, Regulation S-P, GLBA, and New York Reg. 500.
  • Advising clients about best practices for electronic communications, including in social media, as well as when communicating under a “bring your own device” (BYOD) or “company owned personally enabled device” (COPE) environment.
  • Conducting various levels of privacy and data security training for executives and employees
  • Supports organizations through mergers, acquisitions, and reorganizations with regard to the handling of employee and customer data, and the safeguarding of that data during the transaction.
  • Representing organizations in matters involving inquiries into privacy and data security compliance before federal and state agencies including the HHS Office of Civil Rights, Federal Trade Commission, and various state Attorneys General.

Benefits counseling experience – Joe’s work in the benefits counseling area covers many areas of employee benefits law. Below are some examples of that work:

  • As part of the Firm’s Health Care Reform Team, he advises employers and plan sponsors regarding the establishment, administration and operation of fully insured and self-funded health and welfare plans to comply with ERISA, IRC, ACA/PPACA, HIPAA, COBRA, ADA, GINA, and other related laws.
  • Guiding clients through the selection of plan service providers, along with negotiating service agreements with vendors to address plan compliance and operations, while leveraging data security experience to ensure plan data is safeguarded.
  • Counsels plan sponsors on day-to-day compliance and administrative issues affecting plans.
  • Assists in the design and drafting of benefit plan documents, including severance and fringe benefit plans.
  • Advises plan sponsors concerning employee benefit plan operation, administration and correcting errors in operation.

Joe speaks and writes regularly on current employee benefits and data privacy and cybersecurity topics and his work has been published in leading business and legal journals and media outlets, such as The Washington Post, Inside Counsel, Bloomberg, The National Law Journal, Financial Times, Business Insurance, HR Magazine and NPR, as well as the ABA Journal, The American Lawyer, Law360, Bender’s Labor and Employment Bulletin, the Australian Privacy Law Bulletin and the Privacy, and Data Security Law Journal.

Joe served as a judicial law clerk for the Honorable Laura Denvir Stith on the Missouri Court of Appeals.