October 3, 2018
Over the last couple of years, the Department of Health and Human Services (HHS) conducted “desk audits” of 166 covered entities and 41 business associates. These audits focused on select HIPAA privacy, security and breach notification requirements. HHS has not released its official findings from the audits yet, but it has identified serious compliance gaps in the following areas:
Employers that sponsor group health plans should periodically review their compliance with HIPAA rules, including whether their security analysis and risk management for electronic PHI is up to date. Employers should also watch for more guidance from HHS on these compliance requirements.
Want to learn more? Start a conversation with us.
September 8, 2023
Tenth Circuit Court of Appeals Hands Down a Big Win for ERISA Preemption After several failed attempts by pharmacy benefit managers (“PBM”) to challenge state laws regulating PBMs, the 10th Circuit Court of Appeals (in Pharmaceutical Care Management Association v. Mulready) handed down a big win for PBMs and, by extension, self-funded ERISA plans, when […]
August 28, 2023
IRS Issues Affordability Percentage Adjustment for 2024 The Internal Revenue Service (IRS) has released Rev. Proc. 2023-29, which contains the inflation adjusted amounts for 2024 used to determine whether employer-sponsored coverage is “affordable” for purposes of the Affordable Care Act’s (ACA) employer shared responsibility provisions and premium tax credit program. As shown in the table […]