As we conclude our “Health Plan Hygiene” blog series, we reflect on the important insights shared about fiduciary responsibilities under the Employee Retirement Income Security Act of 1974 (ERISA) and highlight the risk posed by recent group health plan fiduciary litigation and offered strategies for mitigating these risks by meeting ERISA obligations. We have explored best practices for evaluating, selecting, and contracting with third-party administrators, emphasizing the importance of cybersecurity protocols for health plan data, and discussed the proactive review of third-party vendor fee arrangements, including pharmacy benefit managers and broker compensation structures.

As health and welfare plan fiduciaries prepare for the year ahead, how can they remain vigilant in identifying and executing their responsibilities in a climate of increasing compliance demands and associated risk?  

  1. Set up a fiduciary committee. Where a health and welfare plan document permits delegation, a named fiduciary, such as the plan administrator, may wish to delegate some of its fiduciary duties to a health and welfare plan fiduciary committee. Fiduciary committees are designed to act solely in the best interests of plan participants and beneficiaries by ensuring prudent policies and procedures are in place. A fiduciary committee typically includes designated decision-makers and at least one person with intimate knowledge of the plan’s written terms, day-to-day operations, and the plan sponsor’s participant population, such as an HR professional with a benefits background. While the delegator shares responsibility for ensuring that the committee executes its duties properly, the committee can help the delegator stay abreast of evolving compliance requirements and best practices. The committee may want to adopt a charter that addresses, at a minimum, the committee’s purpose, scope of authority and responsibilities, meeting frequency, and committee membership, including appointment and removal procedures.
  1. Document decision-making. Establish and consistently use internal recordkeeping procedures for all fiduciary decisions and actions taken regarding the plan. For example, the fiduciary committee should take minutes during all meetings to reflect on the topics discussed and the reasoning behind its decisions. Clear documentation of the decision-making process promotes transparency and becomes critical if a plan is audited or sued.
  1. Mindfully negotiate and monitor service provider contracts. Health and welfare plan fiduciaries may want to establish and use prudent processes when selecting service providers. For example, the fiduciary might request proposals from multiple service providers to assess whether the terms are appropriate for the current market. Once a service provider is selected, the fiduciary is wise to stay updated on all contracts and operations regarding the plan to ensure the terms are written and performed in the best interest of plan participants and beneficiaries. Fiduciaries may also reassess and re-negotiate fees when appropriate.
  1. Ensure plan expenses are reasonable. The fiduciary has a duty to ensure plan expenses are reasonable, including any compensation paid to experts and third-party service providers.
  1. Conduct an internal audit. ERISA requires certain employee benefit plans to submit to an annual independent audit, a report of which is filed with the Department of Labor. However, some welfare plans, such as those that covered fewer than 100 participants at the beginning of the plan year if the plan is fully insured, unfunded, or a combination of fully insured and unfunded, are excluded from this requirement. Regardless of whether an audit is required, voluntarily conducting an independent audit facilitates proper plan governance and often helps identify opportunities to improve compliance.

For questions, please contact a Jackson Lewis Employee Benefits Practice Group member or the Jackson Lewis attorney with whom you regularly work.

Our “health plan hygiene” series has focused on steps that fiduciaries of employer-sponsored group health plans can take to ensure they meet their fiduciary responsibilities.  This issue has been brought to the forefront recently due to a wave of class action lawsuits that have been brought against group health plan fiduciaries.  In our last post, we discussed the importance of a thorough RFP process and an overview of important contractual provisions.  This post will address the issue at the center of those class action lawsuits:  the fees.   

Third-Party Vendor Fee Arrangements

Health plan fiduciaries have the duty to ensure that the fees paid to third-party vendors are reasonable.  This can feel like an overwhelming task because health plans, especially self-insured health plans, can hire multiple third-party vendors to keep the plan running.  For example, third-party administrators (“TPAs”), network providers, repricing servicers, claims auditors, pharmacy benefit managers (“PBMs”), telehealth providers, and behavioral health providers may all be involved in the administration of a single health plan.  

Health plan fiduciaries should educate themselves on the potential pricing methods and fee arrangements with each of the third-party service providers.  For example:

  • “Bundled” Services and Fee Arrangements Because of the seemingly endless number of third-party vendors that may be required for health plan administration, fiduciaries will often rely on one TPA to manage and contract with the other third-party vendors.  While this can ease the burden of tracking multiple vendors, it remains the fiduciaries’ duty to ensure that the fees are reasonable for each vendor.  That means that the fiduciaries must understand the services provided by each vendor, and the fees charged by each vendor.  Fiduciaries should not rely on the TPA to manage the overall fees or to provide one total billed amount for all vendors without a breakdown.
  • Pharmacy Benefit Managers.  The recent class action lawsuits have focused heavily on PBM fees.  PBM fee structures have historically been complex and not particularly transparent, so it is essential that plan fiduciaries understand PBM pricing models. 
    • Pass-Through Pricing.  Under the pass-through pricing model, the PBM charges the plan the drug acquisition cost (the amount paid to the drug manufacturer).  Any negotiated rebates are also passed through to the plan.  The PBM receives compensation from the plan via a per-employee or per-month rate to the plan.  Proponents of the pass-through pricing model argue that pass-through pricing provides the most transparency and consistency for the plan.
    • Spread Pricing.  Under the spread pricing model, the PBM and the plan set the price that the plan pays for prescription drugs by reference to a specific benchmark price.  The PBM then negotiates a lower price with the drug manufacturer, and the PBM receives compensation on the difference (the “spread”) between the PBM’s acquisition cost and the benchmark price.  PBMs in this arrangement are financially motivated not to make formulary decisions based on which drugs have the lowest cost to the plan and beneficiaries but rather based on which drugs have the most significant spread.
    • Rebates.  PBMs negotiate rebates from drug manufacturers. The PBM may keep all or a portion of the rebate instead of paying the rebate back to the plan. 
  • Brokers Fiduciaries will often hire brokers to help identify and retain service providers for a health plan.  Brokers can provide an important service.  However, some brokers enter into commission or other compensation arrangements with service providers.  It is essential that plan fiduciaries are aware of any compensation or commission arrangements between a broker and other third-party vendors to ensure that the broker is providing the best objective recommendations, not recommendations motivated by financial gain. 

Potential Impacts

Recent class actions have highlighted the complexities and potential liabilities associated with third-party vendor fees. It is essential fiduciaries be well-informed about current third-party vendor contracts or agreements, including their termination or renewal periods. These periods can offer opportunities to reassess and renegotiate fees.

As your representative, the Jackson Lewis Employee Benefits Practice Group members can assist if you have questions or need assistance, especially when selecting service providers. Please contact a Jackson Lewis employee benefits team member or the Jackson Lewis attorney with whom you regularly work.

A health plan’s fiduciaries are responsible for administering the health plan.  Because most employers are not in the business of administering health benefits, they outsource the day-to-day health plan administration to a third-party health plan administrator (TPA).  This outsourcing does not mean the employer is off the hook for their fiduciary obligations under ERISA.  Even the evaluation and selection of a TPA is itself a fiduciary act, and employers must follow a prudent process.

Below, we provide information for employers regarding the selection, evaluation, and contracting with a TPA:

Rely on the Experts

Just as most employers are not in the business of administering health benefits, most employers are not in the business of evaluating and selecting TPAs.  To help ensure this process complies with ERISA’s fiduciary duties, employers often rely on a broker or consultant and legal counsel.  Brokers and consultants will identify TPAs that are appropriate for the employer’s size, industry, and location, provide guidance regarding the reasonableness of the TPA’s fees, and help with fee negotiation.  Legal counsel will help the fiduciary with legal compliance and contract negotiation. 

Conduct a Request for Proposal

The broker/consultant and legal counsel will help conduct a request for proposal (RFP) for a TPA.  The RFP will invite potential TPAs to submit bids and information regarding the health plan’s administration.  With the RFP, the fiduciary should: 

  • Invite several providers to respond to the request for proposal;
  • Prepare specific questions that are relevant and important to the plan’s administration;
  • Make sure the TPA’s fees are reasonable;  
  • Request sample contracts to identify any “dealbreaker” provisions; and
  • Identify potential internal conflicts that could taint the process (e.g., TPAs with other relationships with the employer). 

Thorough Review and Negotiation of Services Agreement

The employer should select a potential TPA well before the implementation date so that there is time for legal counsel and the broker/consultant to negotiate the services agreement and fees and, if necessary, select an alternate TPA if the negotiations fall apart.  Key contractual provisions include: 

  1. Indemnification provisions.  TPAs expect plan fiduciaries to indemnify the TPA against third-party claims, losses, or suits based on the services provided by the TPA to the plan and the participants.  However, the plan fiduciaries should not indemnify the TPA for claims based on the TPA’s negligence, misconduct, or fiduciary breach.  Instead, the TPA should be liable for any claims based on the TPA’s “bad actions,” and the TPA should indemnify the plan against those claims.    
  2. Accepting fiduciary responsibility.  If the TPA is authorized to interpret the plan provisions, for example, if the TPA is delegated the authority to handle claims and appeals under the plan, the TPA is acting as a fiduciary under ERISA.  In that case, the services agreement should expressly state that the TPA acknowledges its fiduciary status. 
  3. Audit rights.  Reserving the right to audit the TPA’s performance under the service agreement is important.  Beware of onerous restrictions on “claims” audits.  To avoid negative findings in audit reports, some service providers limit the number of audits a plan sponsor may undertake, establish long notice periods, or, in extreme cases, provide an exclusive list of auditors or prohibit certain auditors from conducting audits.    
  4. Termination provisions. ERISA generally prohibits fiduciaries from entering into contracts that cannot be terminated without substantial penalties or within a reasonable period. The service agreement should give the employer the flexibility to terminate. 
  5. Claims litigation. Make sure the agreement clearly states which party will handle claims litigation and which party will indemnify the other for any damages.      

Measure Twice, Cut Once

The process of selecting and contracting with a new TPA can seem overwhelming, time-consuming, and exhausting. However, taking the proper steps to ensure that the process is completed in accordance with ERISA’s fiduciary duties can save employers from costly mistakes.  

The Jackson Lewis Employee Benefits Practice Group members can assist if you have questions or need assistance. Please contact a Jackson Lewis employee benefits team member or the Jackson Lewis attorney with whom you regularly work.

The Employee Retirement Income Security Act of 1974 (ERISA) regulates most private employee benefit retirement and welfare plans. This statute’s purview is vast; it governs employer-sponsored defined benefit and defined contribution retirement plans and an array of welfare plans.

Under ERISA, a plan fiduciary is an entity that exercises authority or control over the management or disposition of plan assets. Within the ERISA context, “fiduciary” is a functional title rather than a job title. A fiduciary need not know that they have assumed fiduciary status to be liable for a potential fiduciary breach. If one fiduciary fails to meet their responsibilities, other fiduciaries may be held accountable, even if they were not directly involved. This is known as “joint and several liability.”

What are a fiduciary’s obligations under ERISA?

ERISA Section 404 and Section 2550.404a-1 of the Department of Labor’s regulations outline fiduciary obligations. The provisions demand that a fiduciary:

  • Act solely in the interest of the participants and beneficiaries, exclusively to provide benefits to them and defray reasonable expenses of the plan.
  • Carry out their duties prudently.  
  • Follow the plan documents, except where the plan document conflicts with ERISA.
  • Diversify plan investments to minimize the risk of significant losses.
  • Pay only reasonable plan expenses.

How can a plan fiduciary ensure it is fulfilling its obligations?

  • Differentiate between “fiduciary” and “settlor” functions. Not all functions related to employee benefit plans are fiduciary functions. Fiduciaries must carry out their duties in the best interests of plan participants. The administration of the plan is generally a fiduciary function. Settlor functions, in contrast, may be carried out in the best interests of the plan sponsor and may include adopting, amending, or terminating a benefits plan.
  • Manage plan administration using well-documented, rigorous decision-making processes. The fiduciary duty of prudence is a process requirement. The fiduciary does not have a duty to maximize plan asset growth or minimize plan expenses absolutely. Instead, the fiduciary has the duty to administer the plan using reasonable, rational decision-making processes. “Prudent” processes cited in recent cases include reviewing quarterly reports, engaging an investment consultant, using a watch list and investment policy statement in decision-making, and actively monitoring underperforming funds.
  • Follow the plan’s terms—and design the plan to make that possible. If a provision is written into the plan and does not conflict with ERISA, the fiduciary is bound to follow the terms of each such provision to remain in compliance. 

The Bottom Line

  • The role of a fiduciary under ERISA is both critical and complex. Fiduciaries are responsible for managing the plan’s assets and safeguarding the interests of the participants and beneficiaries. While the path to compliance with ERISA’s fiduciary obligations may seem daunting, it is based on loyalty, prudence, and adherence to the plan’s terms. By understanding and respecting these principles, fiduciaries can navigate their responsibilities.
  • The essence of fiduciary duty under ERISA is about making informed, well-considered decisions that align with the best interests of the plan participants and beneficiaries.

The Jackson Lewis Employee Benefits Practice Group members can assist if you have questions or need assistance. Please contact a Jackson Lewis employee benefits team member or the Jackson Lewis attorney with whom you regularly work.

During the next several weeks, we will publish a series of articles that dive deeply into “health plan hygiene” relating to health and welfare benefit plan fiduciary issues and how employers can protect themselves in this quickly evolving area.

Section 408(b)(2) of the Employee Retirement Income Security Act of 1974 (ERISA) requires certain disclosures regarding employee benefit plan fees.  When this so-called fee disclosure rule was put in place for retirement plans, it sparked litigation regarding whether the fees paid by defined contribution retirement plans for recordkeeping, plan administration, and investment management are too high.  These cases have included claims of ERISA fiduciary breaches and prohibited transactions and have plagued the retirement plan industry for the last two decades.

The disclosure rule was expanded by the Consolidated Appropriations Act of 2021 to apply to welfare plans, and several notable cases have already been filed against welfare benefit plan sponsors. These recent cases have included claims that the benefits committees have been imprudent in their plan design, have overpaid for benefits, have set their premiums too high because of commissions being paid to brokers, have improperly retained rebates, and have had a conflict of interest when selecting plan partners.

Note that while there is no law requiring employers to sponsor a retirement plan for their employees, the same is not necessarily true for welfare benefits. Under the Affordable Care Act, certain large employers are required to offer medical insurance to full-time employees or risk a penalty from the Internal Revenue Service.  As a result, employers who offer group health insurance will be at risk for claims regarding these benefits and services and cannot protect themselves by simply not offering the benefit.

Now is the time for plan fiduciaries to protect themselves from potential claims by revisiting their fiduciary practices as they apply to health and welfare plan administration.  

Check our blog regularly for more information on this topic.  In the meantime, please contact a Jackson Lewis employee benefits team member or the Jackson Lewis attorney with whom you regularly work if you have questions or need assistance.

As we bid farewell to 2024 and look ahead to the new year, we reflect on the many evolving compliance obligations that health and welfare plan sponsors tackle each year. Although this list is by no means exhaustive, it highlights four items and associated deadlines that have recently emerged on the health and welfare scene. Plan sponsors should review their routine compliance checklists and update as necessary to ensure a smooth transition into 2025.

  1. Gag Clause Attestations

The Consolidated Appropriations Act of 2021 generally prohibits the use of gag clauses in certain agreements and requires group health plans and health insurance issuers to annually submit a Gag Clause Prohibition Compliance Attestation. A fully insured group health plan’s responsibility is satisfied if the issuer submits an Attestation on behalf of the plan. Similarly, a self-insured plan may delegate the task of submitting the Attestation to a third-party administrator (TPA) via a written agreement if the TPA will accept this responsibility. The Attestation must be submitted to the Departments of Labor, Health & Human Services, and the Treasury by December 31st.  See this link for further details and instructions on submission.

  1. Mental Health Parity – Fiduciary Certification

In September, the Departments of Labor, HHS, and the Treasury issued new final rules amending regulations implementing the Paul Wellstone and Pete Domenici Mental Health Parity and Addiction Equity Act of 2008 (MHPAEA) and adding new regulations implementing the nonquantitative treatment limitation (NQTL) comparative analyses requirements. Consistent with the proposed rules, the final rules strengthen consumer protections by aiming to achieve parity between mental health/substance use disorder (MH/SUD) benefits and medical/surgical (M/S) benefits. The final rules generally apply to group health plans and group health insurance coverage for plan years beginning on or after January 1, 2025, although many provisions will not apply until 2026.

The final rules require that, in addition to the NQTL comparative analysis, each plan or issuer must prepare and make available to the Secretary, upon request, a written list of all NQTLs imposed under the plan or coverage. In addition, for ERISA-covered plans, this written list must be given to the named plan fiduciaries, who are required to include a certification as part of the comparative analysis. At least one of these named fiduciaries will certify they have engaged in a prudent process to select one or more qualified service providers to perform and document a comparative analysis in connection with the imposition of any NQTLs that apply to MH/SUD benefits under the plan in accordance with applicable law and regulations and have satisfied their duty to monitor those service providers as required by part 4 of ERISA. At a minimum, the certifying fiduciary should review the comparative analysis, ask questions, and discuss the findings and conclusions with the service provider responsible for performing and documenting the comparative analysis, and obtain assurance from the service provider that, to the best of its ability, the NQTL and associated comparative analysis complies with MHPAEA and its implementing regulations.

Plans subject to MHPAEA should update their existing comparative analyses to reflect the new certification requirement by the first day of the 2025 plan year.

  1. Reproductive Health Care Updates to HIPAA Policies, Procedures, and Notice of Privacy Practices

In response to the decision in Dobbs v. Jackson Women’s Health Organization that effectively overturned Roe v. Wade, the Biden-Harris Administration, through OCR, issued a final rule to modify the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule to support privacy in reproductive health care. The rule places limitations on the use and disclosure of reproductive healthcare information by healthcare providers and group health plans. The rule also requires several updates to HIPAA policies and procedures concerning health plans and operations of health care providers. Although most of those changes went into effect on December 23, 2024, HIPAA-covered entities have until February 16, 2026, to update their Notices of Privacy Practices. For more information about this change, see our blog posts: New HIPAA Final Rule Imposes Added Protections for Reproductive Health Care Privacy and HIPAA Final Rule For Reproductive Health Care Privacy with December 23, 2024, Compliance Deadline.

  1. ACA Section 1557 Notices of Nondiscrimination and Availability

The U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) enforces Section 1557 of the Affordable Care Act (Section 1557), which prohibits discrimination on the basis of race, color, national origin, age, disability, or sex (including pregnancy, sexual orientation, gender identity, and sex characteristics), in covered health programs or activities. Last spring, OCR issued a final rule under Section 1557 advancing protections against discrimination in health care. Under the final rule, covered entities (i.e., health programs and activities that receive HHS funding or are administered by HHS) must provide an annual notice of nondiscrimination to participants, beneficiaries, enrollees, applicants of their health programs and activities, and members of the public. This notice must be provided within 120 days of July 5, 2024, under the requirements of 45 CFR § 92.10. Similarly, covered entities must provide, within one year of July 5, 2024, a notice of the availability of language assistance services and auxiliary aids and services, stating at a minimum that these are free of charge when necessary for compliance with Section 1557. See 45 CFR § 92.11.

Although the rule was scheduled to go into effect on July 5, 2024, certain provisions have been stayed or enjoined pending multiple lawsuits. For example, under the final rule, a notice of nondiscrimination states in part that the covered entity does not discriminate on the basis of sex, which includes discrimination based on gender identity. However, in Tennessee v. Becerra, No. 1:24cv161-LG-BWR (S.D. Miss.), the court stayed nationwide several regulations to the extent they “extend discrimination on the basis of sex to include discrimination on the basis of gender identity”. The case is currently pending appeal.

Covered entities must continue to provide notices of nondiscrimination and availability unless specific provisions are stayed or enjoined. OCR’s sample notice of nondiscrimination currently characterizes as optional the inclusion of a statement of nondiscrimination based on gender identity. Still, covered entities should be prepared to adjust their notices if the stay is lifted. Sample notices are available on OCR’s website. For more information, see Section 1557 of the Patient Protection and Affordable Care Act | HHS.gov.

The new year often presents an opportunity to renegotiate or terminate existing service provider agreements, so now is a perfect time to reanalyze contracts before renewal. For an overview of health plan fiduciary compliance issues and strategies, see our five-part blog series, Health Plan Hygiene.

If you have questions, please contact a member of the Jackson Lewis Employee Benefits Practice Group or the Jackson Lewis attorney with whom you regularly work.