Self-Insurer June 2013 by SIPC

June 2013

www.sipconline.net

The Case For Self Insurance:

Overcoming

Common Myths

June 2013

The Self-Insurer

www.sipconline.net

JUNE 2013 | Volume 56

June 2013 The Self-Insurer (ISSN 10913815) is published monthly by Self-Insurers’ Publishing Corp. (SIPC), Postmaster: Send address changes to The Self-Insurer P.O. Box 1237 Simpsonville, SC 29681

Features

editorial staff

artICLes 10

ArT gallery: Conversation with a self-insurance convert

life’s a Breach, Part II: Omnibus rule revises What Constitutes a Breach under the hIPAA hITeCh Breach Notification Requirements

PuBlIShINg DIreCTOr James A. Kinder MANAgINg eDITOr erica Massey

SeNIOr eDITOr gretchen grote

the Case For self Insurance: Overcoming Common Myths

rrgs report Financially Stable results at Year-end 2012 by Douglas A Powell

The Changing regulatory landscape for Stop loss Insurance

by George J. Pantos, Esq.

DeSIgN/grAPhICS Indexx Printing CONTrIBuTINg eDITOr Mike Ferguson

by Fred e. Karlinsky, richard J. Fidei and erin T. Siska

DIreCTOr OF OPerATIONS Justin Miller DIreCTOr OF ADverTISINg Shane Byars Editorial and Advertising Office P.O. 1237, Simpsonville, SC 29681 (888) 394-5688

Worksite Clinics - the Next Generation by Jonathan Spero, M.D, CEO, InHouse Physicians

2013 self-Insurers’ Publishing Corp. Officers

INdustry LeadersHIP 48

SIIA President’s Message

James A. Kinder, CeO/Chairman erica M. Massey, President lynne Bolduc, esq. Secretary

employment Liability and Other Taxable Claims – How taxes and Periodic Payments Can Help Get them settled by John McCulloch, JD, CSSC

The Self-Insurer | June 2013

The Case For Self Insurance:

Overcoming

Common Myths by George J. Pantos, Esq.

June 2013

The Self-Insurer

n today’s changing healthcare landscape, the political discourse on Capitol hill and in many state legislatures is replete with misstatements, charges, and claims about the so-called problems, shortcomings and risks faced by employers – primarily medium-sized and small employers – who choose to self insure health benefits for their workforce population. As a four decade long journeyman in the erISA legal trenches, this is one man’s attempt to set the extensive record straight with documented responses to the most common myths advanced by critics of self-insurance.

Myth: Federal preemption is a major erIsa “loophole” Response: To call preemption a major “loophole” belies the historical record of self-insured plan growth under erISA and ignores the explicit wording by Congress which distinguishes between employersponsored self-insurance and commercial insurance. Nearly 80 million individuals – a record all-time high – received their health benefits through a self-insured erISA plan in 2010. According to the Kaiser annual survey of annual employer trends, that’s 60 percent of working individuals under age 65.1 The number of workers in small firms (3199 workers) alone increased to 15 percent in 2012-- up from 10 percent in 2003.2 Conducted in conjunction with the National Opinion research Center and the university of Chicago, the annual Kaiser Survey is the most comprehensive u.S. look at national trends in employer sponsored health coverage. erISA’s preemption provisions reflect a national purpose in federal law to facilitate the administration of

uniform benefits across state lines. By enacting ERISA’s “deemer” clause Congress prohibited states from deeming employer sponsored benefit plans to be insurance companies. Congress thus gave life to a clear and explicit statutory exception to the insurance “savings” clause by exempting self-insured plans from the threat of often costly and conflicting state laws. With more than half of working Americans covered by self-insurance over the nearly forty years since passage of erISA, congressional intent in distinguishing between self-insurance and commercial insurance has proven to be sound policy. With few exceptions, the courts have interpreted erISA’s preemption clause very broadly and the distinction between self-insurance and commercial insurance has been upheld repeatedly by the u.S. Supreme Court for nearly four decades.3

Myth: self-Insurance provisions in aCa are a major “loophole” that will cause adverse selection against health insurance exchanges Response: Similarly, there is no rational or historical basis to assert that selfinsurance under ACA will cause adverse selection in future state health insurance exchange pools. As with erISA, Congress explicitly chose in ACA to distinguish between self-insured and insured plans. In other pre-ACA federal laws such as hIPAA, both self-insurers and insurers are prohibited from covering only healthy employees.4 ACA also bars discrimination by both self-insurers and insurers against plan participants based on health status.5 In a 2011 study conducted for the DOl under ACA, rAND COrPOrATION concludes that self-insured plans “do not pose a threat of adverse selection in the small group market once the new law is implemented.”6 A later 2012 U.S. Department of Labor Report to Congress confirms that selfinsured plan membership mirrors a cross-section of workforce risk.7 employers that self-fund health benefits cover a broad cross-section of participants with low, medium and high risks. As self-insured and insured plans have similar membership characteristics, there is no rational basis for highly speculative assertions that self-insured plans “cherry pick” by enrolling healthier employees and may cause adverse selection.

Myth: enrollees in self-insured plans are deprived of important aCa consumer protections. Response: Not true. Self-insured plans are subject to most of the same ACA coverage requirements and protections that are imposed on commercially insured plans. With minor exceptions, ACA protections – enacted by Congress to remedy what were called “abusive insurance industry practices” – also apply to enrollees in self-insured plans. Among many provisions that apply to both self-insured and insured plans, ACA prohibits coverage exclusions based on pre-existing conditions, prohibits discrimination based on health factors, requires dependent children to remain under parent plan coverage until age 26, eliminates lifetime and annual caps, requires first dollar coverage for preventive service, requires uniform explanation of plan benefits, requires internal and external claims procedures and limits out-ofpocket spending.8 Certain provisions such as medical loss ratios (Mlrs), rebates, and community rate rules labeled by critics as “loopholes”, in reality, are intended properly by Congress to apply only to commercial insurers. Beginning in 2012, Mlr rules require commercial insurers who collect premiums and are in the “business of insurance” to use premium revenues to meet specific

The Self-Insurer

| June 2013

minimum benefit payment standards rather than excessive administrative costs, such as for executive salaries and marketing expenses – or make refunds to customers. The Commonwealth Fund has found that, for some small employers, as much as 30 percent of premium payments go to administration.9 In this regard, 16 million consumers and businesses received about $1.3 billion in rebates from insurance companies in 2012, including $377 million in the small employer market.10

Myth: regulations should be enacted to limit the ability of small groups to self-insure health benefits. Response: While self-insurance is not for everyone, annual insurance premium increases have accelerated the trend by small employers to consider self-insurance as a viable alternative to commercial insurance. ever increasing health care costs are one of the most important challenges impacting small business firms which are the backbone of the u.S. economy. Studies show that small firms pay 18 percent more for health coverage than larger firms, while firms with 10 to 24 workers pay 10 percent more.11 And the cost of u.S. healthcare services is expected to rise 7.5 percent in 2013, more than three times the projected rate of inflation and economic growth.12 eliminating the ability of small employers to self-insure would not only add to already spiraling health costs, but may even create higher levels of uninsured employees. limiting small employer ability to self-insure would be associated with a “decline in the total number individuals enrolled in health insurance coverage,” according to rAND.13

June 2013

The Self-Insurer

employers must be able to meet sound actuarially determined financial standards to demonstrate they are capable of self-insuring. under existing laws, employers of all sizes who can meet recognized standards have the freedom to choose the most appropriate method to fund their health plans, including recognized alternative risk transfer (ArT) methods such as self-insurance. eliminating the ability of small employers to self-insure would not only add to already spiraling health costs, but may even create higher levels of uninsured employees. The rAND study states that total enrollment in coverage is higher in the small market where selfinsurance is allowed.14 exacerbating the small employer cost problem, many insurers already have filed for double-digit premium increases, which hhS has criticized as unwarranted.15 Reflecting these increases, private insurer financial reports to the Securities and exchange Commission for 2010 through the first half of 2011 document that premium revenues have been well above payments for medical claims, with profit margins at historic highs and rapid accumulation of reserves well beyond state insurance requirements.16

Myth: self-insured plans do not provide adequate value to enrollees. Response: As noted, in large part, the value of self-insurance as an alternative funding method is reflected in the large number of covered participants in self-insured plans of all sizes as reported in recent studies. According to the 2010 Annual Kaiser Survey, 57 percent of covered workers in firms with three or more workers were in self-funded plans in 2010.17 This includes 26 percent of workers among smaller plans with 100 to 199

participants. Based on an analysis of the Kaiser data, rAND reports that the share of employee enrollment in selfinsured plans rose from 52.6 percent in 2006 – up to 57 percent in 2010.18 The principal advantages of selfinsuring for employers have been well documented; greater control over design of plan benefits and provider networks, costs based on their own claims experience, control over reserves, improved cash flow and uniform benefits to workers in different locations. Moreover, access to plan claims data provides self-insured employers with the ability to design wellness programs directly targeted to workforce health profiles that have proven successful in reducing costs. using data on deductibles, copayments and other out-of-pocket expenses to measure the relative generosity of health plans, rAND researchers concluded that there is little difference in plan generosity between fully insured plans when comparing plans of the same size, including small plans with 3 to 199 workers.19 In the study conducted for hhS in collaboration with the u.S. labor Department, rAND found that self-insured plans offered by small and mid-sized firms covered approximately the same proportion of medical expenses as fully insured plans.20 rAND reports that the state regulatory environment, exacerbated by the excessive prices employers must pay for administrative services in commercial plans, plays a major role in employer decisions to self-insure health benefits.21 Studies show that of the $95 billion paid by consumers and employers in premiums to u.S. commercial insurers in 2007, about 7.5 percent was paid for insurance administration – the highest share in the world.22 These costs were paid for advertising, sales commissions,

underwriting, and other administrative functions as well as net additions to insurer reserves, rate credits and dividends and profits.23 While state mandates provide added protection to some consumers in commercially insured plans, they impose additional costs that most often are passed along to employers in the form of higher premiums. By contrast, in addition to greater cost efficiency and lower administrative expenses, self-insured employers add value by retaining for their own investment purposes that portion of premiums collected by insurers to fund insurer reserve requirements and profits. Selfinsured employers add additional valuebased plan design by tailoring benefit packages to meet specific workforce needs rather than costly mandated state benefits.24 Other important factors which add value include greater plan autonomy and plan control and the flexibility under erISA for employers operating across state lines to offer uniform benefit packages. While not always covering certain state benefits mandated in fully insured plans, self-insured plans are no less generous overall, and in many instances provide even more generous benefits, according to interviews conducted for the rAND study.25

Myth: state regulation of stop loss attachment points is needed and legislative proposals calling for higher attachment points should be supported. Response: Several states and the NAIC have attempted to regulate stop-loss attachment points which they contend “could” pose a threat to state exchanges coming on line in 2014. In proposing higher stop-loss attachment points, state legislators

have poorly masked their real intent to curb the self-funding method for small employers. In proposing extremely high individual attachment points ($45,000), legislation such as California’s SB 161, and similar state legislative proposals, are designed to negatively impact the decision of most otherwise financially qualified small employers to self-insure health benefits. By mandating that small employers assume greater financial risk, such proposals would have the effect of eliminating the entire cash funding reserves of most self-insured small employers. Such state legislative proposals raise the legal issue of federal preemption and the bounds of permissible state insurance regulation under erISA. Many states do not have minimum requirements for stop-loss and only three states have passed laws based on NAIC’s 1999 “model” stop-loss act recommending a minimum attachment point of $20,000 per person.26 however, federal courts have held that states cannot regulate stop-loss insurers in a manner that influences the structure or administration of the underlying selfinsured plan, such as by regulating attachment points.27 Courts also have held that states cannot define at what point a self-insured plan bears so little risk (due to generous stop-loss attachment points) that the plan is no longer self-insured and the stop-loss carrier is a primary health insurer.28 Thus, if enacted into law, proposals such as SB 161 clearly would be subject to a preemption challenge under erISA’s federal provisions.

Myth: A federal definition of self-insurance is needed Response: Calling for a federal definition of self-insurance assumes that small employers need to assume more risk for health benefits in order to qualify as qualified self-insured plan sponsors. Without defining “significant, critics propose that self insured plans should bear “significant risk,” and that stop-loss attachment points be set at a “significant level.” This unrealistic approach is not only inconsistent with erISA and other federal laws relating to insurance regulation, but also ignores the historical nature of stop-loss insurance as a class of indemnification coverage for employer catastrophic losses. At its core, stop-loss insurance programs are forms of excess liability protection designed to indemnify employer plan sponsors for health care expenses above predetermined dollar amounts. While stop-loss carriers are subject to state insurance regulation as insurers, this is not the same as regulating health insurance

* TPA and Stop-Loss Savings Specialists * Products for Group Health, Workers’ Comp. & Auto Liability * Industry Leading Bill Review Services * Our SERVICE separates us from the competition!

The Self-Insurer

| June 2013

carriers that bear health risk loss for individuals. Varying by state, specifi c regulation of stop-loss insurers generally covers solvency and licensing requirements and regulation of investments. More closely resembling property and casualty insurance, stop-loss is a form of catastrophic insurance coverage that reimburses an employer for unforeseen and abnormally high plan expenses. The protection offered by comprehensive stop-loss coverage refl ects its value in helping plan sponsors including small employers to manage catastrophic plan events. Since stop-loss insurance does not bear fi nancial responsibility for individual plan participants there is no rational basis to classify stop-loss insurance as health insurance or to defi ne self-insurance based on federally regulated attachment points. n George J. Pantos, Esq. is Executive Director of the Healthcare Performance Management Institute (www.hpminstitute.org) and former General Counsel, Self Insurance Institute of America. 1

Kaiser Family Foundation and Health Research & Education Trust, 2012 Employer Health Benefi ts Survey

Ibid.

See Metropolitan life Insurance Co. v. Massachusetts, 471 u.S. 724(1985) (discussing erISA’s “savings” and “deemer” clauses.

health Insurance Portability and Accountability Act (hIPAA), Pub.l. No104-191,1996.

Affordable Care Act (ACA) P.l. 111-118 (2010).

rAND COrPOrATION, employer Self-Insurance Decisions and the Implications of PPACA, report to u.S. Department of labor (2011).

Secretary of labor, Annual report to Congress on Self-Insured group health Plans (2011) and (2012).

See note 6.

S.Collins, ”Medical loss ratio regulation good For Consumers”, Commonwealth Fund Blog (Nov.2010). Kaiser health News , Insurer rebates under Medical loss ratios for Consumers (Nov. 2010).

J.gabel,r.McDevitt et al., Commonwealth Fund health Affairs, May-June 2006 25(3) 83243.

Pricewaterhouse Coopers Research Institute, available at www.pwc.com /us/en/health behind-the-numbers/keyfi ndings.

See note 6.

R.Abelson, “Health Insurers Making Record Profi ts as Many Postpone Care”, New York Times, May 3, 2011.

Kaiser Family Foundation and Health Research & Educational Trust, 2010 Employer Health Benefi ts Survey.

See note 6.

Ibid.

rAND COrPOrATION, report to u.S. Department of health and human Services in collaboration with u.S. Department of labor, report to Congress On Study of large group Market (2011). 20

Ibid.

The Commonwealth Fund, Issue Brief “ how health Care reform Can lower the Costs of Insurance Administration”, (July 2009). 22

23 Center for Medicare and Medicaid Services, Offi ce of the Actuary, National Health Expenditure Accounts, available at www.cms.gov/NationalhealthexpendData/downloads/dsm-o7.pdf. 24 healthcare Performance Management Institute, governance, risk and Compliance Management Strategies for SelfInsured health Plans, White Paper (2011).

See note 20.

NAIC Model #92: Stop loss Insurance Model Act (Only Minnesota, New hampshire and vermont have adopted the model law). 26

American Medical Security v. Bartlett, 111 F3d 358, (4th Cir. 1997) cert denied, 118 S.Ct. 2350 (1998).

Brown v granatelli , 897 F2d 1351 (5th Cir. 1990, cert. denied 498 u.S.848 (1990).

June 2013

The Self-Insurer

HELP YOUR CLIENTS

TO THE BENEFITS OF STOP-LOSS. He has a new heart. His employer has peace of mind. With stop-loss coverage from Sun Life, your clients are protected against catastrophic claims. And they get the benefit of an independent point of view from one of America’s leading stop-loss providers. In the past three years alone, we processed 68,000 claims —over $1.3 billion in payouts. Why not put our expertise to work for you? Ask your Sun Life rep how.

Life’s brighter under the sun

sunlife.com/wakeup Group insurance policies are underwritten by Sun Life Assurance Company of Canada (Wellesley Hills, MA) in all states, except New York, under Policy Form Series 02-SL and 07-SL. In New York, group insurance policies are underwritten by Sun Life Insurance and Annuity Company of New York (New York, NY) under Policy Form Series 02-NYSL and 07-NYSL. Product offerings may not be available in all states and may vary depending on state laws and regulations. © 2013 Sun Life Assurance Company of Canada, Wellesley Hills, MA 02481. All rights reserved. Sun Life Financial and the globe symbol are registered trademarks of Sun Life Assurance Company of Canada. PRODUCER USE ONLY.

SLPC 24842 04/13 (exp. 04/15)

The Self-Insurer

| June 2013

art gAllerY by Dick Goff

Conversation with a self-insurance convert

sn’t it wonderful how self-insurance and other ArT forms keep eluding the fatal blows of those who would put us out of business? Think of the combined power of elements of both federal and state governments, joined by the marketing and lobbying clout of the giant insurance companies, all coming after us with sledgehammers. But we’re the pesky critters in the Whack-a-Mole game that keep popping up in another location each time we elude a fatal blow. I’ve been thinking of that characteristic and it occurs to me that we are successful survivalists because we keep our eye on the goal of providing better, more effi cient service to our customers. We don’t share the motivations of politicians or even major competing commercial organizations. We are not rigid adherents to any ideology or philosophy. Our approach is practical, realistic and with healthy regard for free enterprise. Oh, and one more thing: we like to learn and apply new ideas that help us stay ahead of whatever game we’re playing at the time. unlike politicians or corporate fat cats, we humbly understand that we don’t yet know it all. And our best schoolroom is conversations with our peers. I’m reminded of that when I see that SIIA will emphasize captives during this fall’s National Conference under the theme “Outsmarting reform 2013.” One point of the conference will be that participation in stop-loss captive programs can make it easier for smaller and mid-sized employers to operate self-insured group health plans. And I also had a lesson recently during a conversation with hollins riley, president of Associated Marketing of virginia, Inc. (AMvA), headquartered in Naples, Florida. AMvA created NationCare, a leading out-of-area coverage solution for local and regional provider-sponsored health plans. AMvA also provides management consulting services to health plans and consults with health systems interested in forming their own insurance solution for the market they serve. riley’s study of federal health reform has led him to an unexpected conclusion. “until this year I didn’t believe self-insurance was a good approach for small groups but I’ve changed my mind,” he says. he now takes the position that self-insurance is the best way to surmount the obstacles of health reform for employers of any size. One especially tricky minefi eld to navigate under health reform that has a signifi cant impact on the individual and small group markets is the compression of age-range premium bands. By current underwriting practice, the highest rate can be as much as fi ve or six times the lowest rate – meaning that younger people can get by with premiums that are far lower than older people. That will change, Mr. riley

June 2013

The Self-Insurer

points out, to premiums that can vary only by a factor of three times between the oldest and youngest plan members. “This puts employers of generally younger people who purchase traditional health insurance at a distinct disadvantage compared to their previous experience,” riley says. “This along with the fact that essential health benefi t provisions call for much richer coverage will drive premiums up under health reform.” riley reports that traditional health insurers are preparing to renew many healthcare policies on December 31, 2013 – the day before health reform rules fully kick in. “There will be a tsunami of policies taking effect just to give buyers within one day of a full year’s relief from health reform rules and premiums,” he said. “I think this story needs to be told, to help employers make smart choices,” riley said. “Well educated buyers will be our best customers.” riley reports also that some traditional insurers are looking at creative ways of entering the selffunded arena in the smaller employer group size by reverting to the split premium and minimum premium models that were prevalent in the larger group market segments in the 80s and 90s. The way I understand those premium models, you can think of “deductible” as a self-insured retention and plans that provide coverage above a deductible amount of, say, ten to twenty thousands dollars as “stop-loss” insurance. And there you have self-

insurance, courtesy of your friendly traditional healthcare insurer. Smart TPAs or brokers could build their group healthcare captives and supplement coverage with a fronting insurer. Today’s lesson goes back to my early premise: through nimble creativity, the ArT industry can develop products with ease of entry and the support services to help employers fi nd their best solutions. That’s the way we’ll stay alive to fi ght another day. As always, I welcome all feedback and opinions. Please feel free to comment to me personally via e-mail or send it in article form to our editor at ggrote@sipconline.net. n Dick Goff is managing member of The Taft Companies LLC, a captive insurance management firm and Bermuda broker at dick@taftcos.com. Hollins Riley may be reached at hriley@amva-inc.net.

Do you aspire to be a published author? Do you have any

stories or opinions on the self-insurance and alternative risk transfer industry that you would like to share with your peers? We would like to invite you to share your insight and submit an article to The Self-Insurer! SIIA’s official magazine is distributed in a digital and print format to reach over 10,000 readers around the world. The SelfInsurer has been delivering information to the selfinsurance/alternative risk transfer community since 1984 to self-funded employers, TPAs, MGUs, reinsurers, stoploss carriers, PBMs and other service providers.

Articles or guideline inquiries can be submitted to Editor Gretchen Grote at ggrote@sipconline.net. The Self Insurer also has advertising opportunities available. Please

contact Shane Byars at sbyars@sipconline.net for advertising information.

The Self-Insurer

| June 2013

23bn 23bn DOLLARS IN ASSETS DOLLARS IN ASSETS

This changes everything. This changes everything. And nothing. And nothing. Presidio is proud to now be the health division of PartnerRe.

The three core Presidio was founded on –ofexcellence Presidio is principles proud to now be the health division PartnerRe.of service, continuous innovation and client financial peace of mind – are as much a part of three who we areprinciples as ever. Our management teamon and our employees The core Presidio was founded – excellence of service, remain in place and continue to client offer you the innovative solutions expect. continuous innovation and financial peace of mind – areyou as much a part of who we are as ever. Our management team and our employees But some changes big. Verytobig. PartnerRe’s $23 billion in assets gives remain in placewill andbecontinue offer you the innovative solutions you expect. Presidio stability that is unsurpassed by others in the Accident & Health market. Our truly globalchanges reach allows to provide peace ofbillion mind worldwide. But some will beusbig. Very big.financial PartnerRe’s $23 in assets gives For almost 20 years, we’ve brought you the best rated carriers. Now are one. Presidio stability that is unsurpassed by others in the Accident &we Health market. Our truly global reach allows us to provide financial peace of mind worldwide. Contact us to discuss your health risk needs at 1best 415 rated 354 1551 or PresidioRe.com. For almost 20 years, we’ve brought you the carriers. Now we are one. Contact us to discuss your health risk needs at 1 415 354 1551 or PresidioRe.com.

June 2013

The Self-Insurer

RISK MANAGEMENT SOLUTIONS REQUIRE COORDINATED PRECISION

Client centric solutions are the building blocks of our business. Advising our clients since 1994, Elite Underwriting Services is one of the country’s most prominent Managing General Underwriters. Entrusted with managing premium, we are partnered with A+ and A rated carriers. Creating a culture of innovation and service, we leverage our expertise and industry relationships – enabling us to offer a wide array of products and services, as well as superior stop loss custom solutions for our clients.

The Self-Insurer

| June 2013

PPACA, HIPAA and Federal Health Beneﬁt Mandates:

Practical

The Patent Protection and Affordable Care Act (PPACA), the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and other federal health benefit mandates (e.g., the Mental Health Parity Act, the Newborns and Mothers Health Protection Act, and the Women’s Health and Cancer Rights Act) dramatically impact the administration of self-insured health plans. This monthly column provides practical answers to administration questions and current guidance on PPACA, HIPAA and other federal benefit mandates.

Q&A

Life’s a Breach, Part II: Omnibus rule revises What Constitutes a Breach under the HIPaa HIteCH Breach Notification Requirements

IPAA’s “Omnibus rule”1 (also referred to in this advisory as the “rule”), published on January 25, 2013, modifi ed many parts of the HIPAA regulations, including those that require notifi cation of breaches of unsecured protected health information (“PhI”) by covered entities and their business associates (the “Breach regulations”).2 This article discusses the Breach Regulations as modifi ed by the Omnibus Rule. In this article, we will refer to the Breach Regulations, as modifi ed by the Omnibus Rule provisions, as “Final Breach rules.” Compliance with the Final Breach rules, as is the case with most other Omnibus rule provisions, is required by September 23, 2013.

Brief Overview • Breach Defined. The Final Breach Rules provide a specifi c defi nition of “breach,” and compliance with the breach notice obligations begins with understanding this defi nition and being able to identify “breaches.” A “breach” is defi ned as the (i) acquisition, access, use, or disclosure (ii) of protected health information” (iii) that is not permitted under the hIPAA Privacy rule3

June 2013

The Self-Insurer

and which (iv) compromises the security or privacy of the protected health information. The defi nition of “breach” has several moving parts and exceptions, and thus requires careful examination. Not every violation of the hIPAA Privacy rule will constitute a breach for purposes of the Final Breach rules. • “Unsecured” PHI. The notice obligations set forth in the Final Breach rules arise only for breaches of “unsecured” PhI. PhI is “secured” for purposes of the Final Breach rules only to the extent it is encrypted in accordance with the methodology specifi ed by the Secretary of health and human Services (hhS) (the “encryption guidance”).4 For PhI that is secured in that manner, the notice obligations set forth in the Final Breach rules do not apply – even if there is an unauthorized use or disclosure (although other notice obligations may apply). • New Rule: Presumption of Breach. If PhI is acquired, accessed, used or disclosed in a manner that violates the hIPAA Privacy rule, the Final Breach rules require a rebuttable presumption of breach – that is, an entity must presume that such acquisition, access, use or disclosure has compromised the security or privacy of the PhI unless it can demonstrate that there is a low probability that the PhI has been compromised. This is in clear contrast to the old rule (i.e., pre-Omnibus rule), which required no presumption and simply entailed an assessment of whether the use or disclosure poses a signifi cant risk of fi nancial, reputational, or other harm to

the individual. In assessing the probability that the PhI has been compromised, the Final Breach rules list four factors that must be considered. • Burden of Proof. Covered entities have the burden of demonstrating that they satisfi ed the specifi c notice obligations following a “breach” as defi ned by the Final Breach rules, or, if notice is not made following an unauthorized use or disclosure, that the unauthorized use or disclosure did not constitute a “breach.”

What is a “Breach” under the Final Breach rules? The specifi c notice obligations set forth in the Final Breach rules apply only to the extent there has been a “breach”. As noted above, the Final Breach Rules defi ne a “breach” as the: • Acquisition, access, use, or disclosure of PhI that violates hIPAA’s Privacy rule relating to use or disclosure of PhI and that compromises the security or privacy of such PhI. These elements and the specifi c exceptions are discussed in more detail below. PHI Only. As a threshold matter, the Final Breach rules are concerned only with breaches involving PhI. If the information is not PhI, there is no breach. Thus, de-identifi ed information5 and employment records held by a covered entity in its role as employer6 are not PhI. Note that in the Omnibus rule removed the exception in the old rules (i.e., pre-Omnibus rule) for certain limited data sets that exclude both birth dates and zip codes – under the Final Breach rules, limited data sets are treated no differently than any other PhI. Acquisition, Access, Use, or Disclosure. To be a breach, there

must be an “acquisition, access, use or disclosure” of unsecured PhI. These terms are broadly defi ned and encompass essentially any access, use or exchange of PhI (whether authorized or not). Although the regulations do not specifi cally defi ne “acquisition and access,” hhS stated that they are to be interpreted by their plain meanings, and that each is encompassed within the current defi nitions of “use” and “disclosure.” “Use” is defi ned as the “sharing, employment, application, utilization, examination, or analysis of [PhI] within an entity that maintains such information.”7 “Disclosure” is defi ned as “the release, transfer, provision of access to, or divulging in any manner of information outside the entity holding the information.”8 “Unsecured” PHI. Only an acquisition, access, use, or disclosure of “unsecured” PhI can trigger the notice obligations under the Final Breach rules. “unsecured” PhI is PhI that is not secured through the use of approved encryption or destruction method that renders the PhI unusable, unreadable, or indecipherable to unauthorized individuals. Conversely, only PhI secured in accordance with the encryption guidance is considered “unusable, unreadable, or indecipherable” for purposes of the Final Breach rules. hhS has issued guidance on what types of encryption will fall within the safe harbor provision.9 The Encryption Guidance. According to the encryption guidance, PhI is considered unusable, unreadable or indecipherable to unauthorized individuals if it has been encrypted by “the use of an algorithmic process to transform data into a form in which there is a low probability of assigning meaning without use of a confi dential process or key,”11 and such confi dential process or key that might enable decryption has not

The Self-Insurer

| June 2013

been breached. To avoid a breach of the confidential process or key, these decryption tools must be stored on a device or at a location separate from the data they are used to encrypt or decrypt. The encryption guidance identifies specific methods that HHS has determined, in accordance with statute, meet the standard. (See our prior advisory on the encryption guidance, accessible at www.alston. com/health_care_advisory_recovery.) If a covered entity or business associate “secures” PhI in accordance with the rules, and an unauthorized use or disclosure is discovered, the specific notice obligations set forth in the Final Breach rules do not apply because the PhI is considered “secure”. On the other hand, if some other method not specifically identified in the Encryption guidance is used, then the PhI is not considered secure and an unauthorized use or disclosure that constitutes a “breach,” will give rise to the specific notice obligations set forth in the Final Breach rules. Violation of HIPAA Privacy Rule. An acquisition, access, use, or disclosure of unsecured PhI will not give rise to a “breach” unless the acquisition, access, use or disclosure is a violation of hIPAA’s Privacy rule (e.g., a violation of the minimum necessary rule). As was the case prior to the Omnibus rule, a violation of hIPAA’s Security rule does not itself constitute a potential breach under the Final Breach rules, although such a violation may lead to a breach if it results in a use or disclosure of PhI that is not permitted under the Privacy rule. Compromise the Security or Privacy of PhI. even if it is established that a use or disclosure of unsecured PhI violates the Privacy rule, a breach may not have occurred if the violation does not “compromise the security or privacy” of the PhI. however, as noted in the Brief Overview section above,

June 2013

The Self-Insurer

an acquisition, access, use, or disclosure of protected health information in a manner not permitted by hIPAA’s Privacy rule is presumed, under the Final Breach rules, to be a breach unless the entity demonstrates that there is a “low probability that the protected health information has been compromised.” The entity’s demonstration must be based on a risk assessment of all of the following factors:10 (i) The nature and extent of the PHI involved, including the types of identifiers and the likelihood of re-identification; hhS has stated that this factor looks at the types of information involved, such as whether the disclosure involved information that is of a more sensitive nature. For example, with respect to financial information, this includes credit card numbers, social security numbers, or other information that increases the risk of identity theft or financial fraud. With respect to clinical information, this may involve considering not only the nature of the services or other information, but also the amount of detailed clinical information involved (e.g., treatment plan, diagnosis, medication, medical history information, test results). This assessment is intended to help entities determine the probability that PhI could be used by an unauthorized recipient in a manner adverse to the individual or otherwise used to further the unauthorized recipient’s own interests. Additionally, hhS said that where there are few, if any, direct identifiers in the PHI involved, entities should determine the likelihood that the PHI could be re-identified based on the context and the ability to link the information with other available information (e.g., where diagnosis and discharge dates are involved, consider the likelihood of identification based on the specificity of the diagnosis, the size of the relevant community, and the ability of the recipient of the PhI to use other available information to re-identify the individuals). (ii) The unauthorized person who impermissibly used the protected health information or to whom the impermissible disclosure was made; This factor considers whether the person who impermissibly (i.e., in violation of the Privacy rule) uses or receives the PhI has obligations to protect the privacy or security of information. hhS stated that if, for example, PhI is impermissibly disclosed to another entity governed by the hIPAA Privacy and Security rules, or to a federal agency that is obligated to comply with the Privacy Act of 1974 (5 uSC 552a) and the Federal Information Security Management Act of 2002 (44 uSC 3541 et seq.), there may be less risk of harm to the individual, because the recipient entity is obligated to protect the privacy and security of the information it received in the same or similar manner as the entity that disclosed the information. In contrast, if PhI is impermissibly disclosed to any entity or person that does not have similar obligations to maintain the privacy and security of the information, the risk of harm to the individual is much greater. hhS also stated that this assessment should also consider (as mentioned above for the first required assessment) the risk of re-identification. For example, if information containing dates of health care service and diagnoses of certain employees was impermissibly disclosed to their employer, the employer may be able to determine that the information pertains to specific employees based on other information available to the employer, such as dates of absence from work. In this case, there may be more than a low probability that the protected health information has been compromised. Other guidance recommended by hhS adds that the likelihood any unauthorized individual will know the value of

the information and either use the information or sell it to others may also be a consideration. (iii) Whether the protected health information was actually acquired or viewed; and This factor considers whether the impermissibly used or disclosed PhI was actually acquired or viewed or, alternatively, if only the opportunity existed for the PhI to be acquired or viewed. For example, if a laptop computer was stolen and later recovered and a forensic analysis shows that the PhI on the computer was never accessed, viewed, acquired, transferred, or otherwise compromised, the entity could determine that the information was not actually acquired by an unauthorized individual even though the opportunity existed. In contrast,

however, if a covered entity mailed information to the wrong individual who opened the envelope and called the entity to say that she received the information in error, then, in this case, the unauthorized recipient viewed and acquired the information because she opened and read the information to the extent that she recognized it was mailed to her in error. (iv) The extent to which the risk to the protected health information has been mitigated. This factor considers the extent to which the risk to the PhI has been mitigated (such as by obtaining the recipient’s satisfactory assurances that the information will not be further used or disclosed - through a confidentiality agreement or similar means - or will be destroyed), and the extent

and efficacy of the mitigation. This assessment, when considered in combination with the assessment regarding the unauthorized recipient of the information discussed above, may lead to different results in terms of the risk to the PhI. For example, a covered entity may be able to obtain and rely on the assurances of an employee, affiliated entity, business associate, or another covered entity that the entity or person destroyed information it received in error, while such assurances from certain third parties may not be sufficient. Other factors may also be considered where necessary in evaluating the overall probability that the PhI has been compromised. generally, these risk assessments must be thorough and completed in good faith, and the conclusions reached must be

advancing the care, outcomes and cost management of kidney disease

DCC will transform the way you approach dialysis reimbursement and care management of kidney disease. • Innovative solutions • Proven results • Customized options • Proactive care management of CKD • Industry leader • Full service management Contact us today to learn how we can help you improve your bottom line.

. dccinc-us.com The Self-Insurer

| June 2013

reasonable. If an evaluation of the factors discussed above fails to demonstrate that there is a low probability that the PhI has been compromised, breach notification is required. hhS notes, however, that a covered entity or business associate has the discretion to provide the required notifications following an impermissible use or disclosure of PhI without evaluation of the probability that the PhI has been compromised. hhS stated that it we will issue additional guidance to aid in performing risk assessments with respect to frequently occurring scenarios.

are there any exceptions to the rule? The Final Breach rules provide three exceptions to the definition of “breach.” (i) Any unintentional acquisition, access, or use of protected PHI by

a workforce member or person acting under the authority of a covered entity or a business associate, if such acquisition, access, or use was made in good faith and within the scope of authority and does not result in further use or disclosure in violation of the Privacy Rule. The Final Breach rules uses the term “workforce member” instead of “employees.” A “workforce member” means “employees, volunteers, trainees, and other persons whose conduct, in the performance of work for a covered entity, is under the direct control of such entity, whether or not they are paid by the covered entity.”11A person is acting under the “authority” of a covered entity or business associate if he or she is acting on its behalf in accordance with common law agency principles. This may include a workforce member of a covered entity, an employee of a business

associate, or a business associate of a covered entity. Similarly, to determine whether the access, acquisition, or use was made “within the scope of authority,” the covered entity or business associate should consider whether the person was acting on its behalf at the time of the inadvertent acquisition, access, or use. In addition, while the statutory language provides that this exception applies where the recipient does not further use or disclose the information, hhS interprets this exception as encompassing circumstances where the recipient does not further use or disclose the information in a manner not permitted under the Privacy Rule. In circumstances where any further use or disclosure of the information is permissible under the Privacy rule, there is no breach solely because of the further use or disclosure.

PROVIDING SERVICE TO THE INSURANCE INDUSTRY FOR OVER 35 YEARS IN OVER 30 STATES Audits Tax Preparation, Compliance and Minimization NAIC Annual Statements, assistance and preparation Management Consultation Expert Witness Regulatory Matters

Contact: William L. Shores, CPA 17 S. Magnolia Ave. Orlando, Florida 32801 (407) 872-0744 Ext. 214 Lshores@shorescpa.com

June 2013

The Self-Insurer

(ii) Any inadvertent disclosure by a person who is authorized to access PHI at a covered entity or business associate to another person authorized to access PHI at the same covered entity or business associate, or organized health care arrangement in which the covered entity participates, and the information is not further used or disclosed in violation of the Privacy Rule. As was the case before the Omnibus rule, the Final Breach rules modify the statutory language slightly to except from the definition of “breach” inadvertent disclosures of PhI from a person who is authorized to access PhI at a covered entity or business associate to another person authorized to access PhI at the same covered entity, business associate or organized health care arrangement in which the covered entity participates. HHS has clarified that “similarly situated individual” as used in the statute with regard to this second exception means an individual who is authorized to access PhI, even if that individual is not authorized to access the PhI at issue. For example, a physician who has authority to use or disclose PhI at a hospital by virtue of participating in an organized health care arrangement with the hospital is similarly situated to a nurse or billing employee at the hospital. In contrast, the physician is not similarly situated to an employee at the hospital who is not authorized to access PhI. Additionally, HHS has clarified that “same facility” means the same covered entity, business associate or organized health care arrangement in which the covered entity participates, even if at a different

location. Thus, if a covered entity has a single location, then the exception will apply to disclosures between a workforce member and, for example, a physician with staff privileges at that single location. however, if a covered entity has multiple locations across the country, the same exception will apply even if the workforce member makes the disclosure to a physician with staff privileges at a facility located in another state. (iii) A disclosure of PHI where a covered entity or business associate has a good faith belief that an unauthorized person to whom the disclosure was made would not reasonably have been able to retain such information. To illustrate this exception, hhS has used the following examples: Example 1: A covered entity, due to a lack of reasonable safeguards, sends a number of explanations of benefits (EOBs) to the wrong individuals. A few of the EOBs are returned by the post office, unopened, as undeliverable. In these circumstances, the covered entity can conclude that the improper addressees could not reasonably have retained the information. The eOBs that were not returned as undeliverable, however, and that the covered entity knows were sent to the wrong individuals, should be treated as potential breaches. Example 2: A nurse mistakenly hands a patient the discharge papers belonging to another patient, but she quickly realizes her mistake and recovers the PhI from the patient. If the nurse can reasonably conclude that the patient could not have read or otherwise retained the information, then this would not constitute a breach. HHS has clarified that the applicability of any exception must be judged at the time a situation is judged and evaluated. Note that the Final Breach rules removed the exception, available under the prior rule, for limited data sets not containing birth dates or zip codes.

are any Changes to our Privacy Policies and Procedures required? Yes. Covered entities and business associates are required to comply with the administrative requirements of certain provisions of the Privacy rule with respect to the breach notification provisions. 12 These provisions, for example, require covered entities and business associates to develop and document policies and procedures, train workforce members on and have sanctions for failure to comply with these policies and procedures, permit individuals to file complaints regarding these policies and procedures or a failure to comply with them, and require covered entities to refrain from intimidating or retaliatory acts. Thus, a covered entity or business associate is required to consider and incorporate the requirements of the Breach Notification rules with respect to its administrative compliance and other obligations.

Who Has the Burden of Proof of Compliance? Covered entities and business associates have the burden of proof that they have satisfied their respective notice obligations under the Final Breach Rules. Thus, in the event of a “breach”, the covered entity must be able to prove that it notified affected individuals, the media, and hhS, as required. likewise, business associates must be able to prove that they notified covered entities of any breaches. If notice is not provided following an unauthorized use or disclosure, then the covered entity or business associate must be able to prove that the unauthorized use or disclosure was not a breach. Accordingly, when a covered entity or business associate knows

The Self-Insurer

| June 2013

of an impermissible use or disclosure of PhI, it should maintain documentation that all required notifi cations were made, or, alternatively, of its risk assessment or the application of any exceptions to the defi nition of “breach,” to demonstrate that notifi cation was not required.

When Is a Breach “discovered?” A breach is treated as discovered by a covered entity as of the fi rst day on which such breach is known to the covered entity, or, by exercising reasonable diligence, would have been known to the covered entity. A covered entity is deemed to have knowledge of a breach if the breach is known (or by exercising reasonable diligence would have been known) to any person, other than the person committing the breach, who is a workforce member or agent of the covered entity. Thus, a breach is deemed to be discovered at any point any workforce member or agent of the covered entity knows, or should have known, of its existence.

What are the Next steps for Plan sponsors and Business associates? Establish or Update Breach Identification Procedures. Covered entities and business associates should already have breach identifi cation procedures, but it is important to make sure that they are compliant with the Final Breach rules. • Determine whether there has been an impermissible use or disclosure of PhI under the Privacy rule. • undertake a risk assessment and document the results. • Determine whether the incident falls under one of the three exceptions to the breach defi nition.

Establish or Update Breach Notification Procedures. Covered entities and business associates should determine which breach notifi cation must be sent (i.e., individual notices13, substitute notices, immediate notices to hhS, media notices14, notice from business associate to covered entity) and who will be responsible for gathering the necessary information for such notifi cation, preparing the notices, and sending the notices. Document Breaches for HHS Reporting. For breaches of unsecured PhI involving 500 or more individuals, entities must notify the Secretary contemporaneously with the individuals. For breaches of unsecured PhI involving fewer than 500 individuals, a covered entity must maintain a log or other documentation of such breaches and notify hhS not later than 60 days after the end of each calendar year about breaches discovered during the previous calendar year. Amend Business Associate Agreements. Covered entities and business associates should coordinate their breach notifi cation efforts in order to avoid duplicate notices and to ensure effi ciency with regard to information gathering and time frames. Covered entities whose business associates act as agents of the covered entity should consider requiring business associates to notify the covered entity of a breach discovery well in advance of the 60-day deadline provided in the Final Breach rules, as the breach discovery date of an agent is treated as the breach discovery date of the covered entity for purposes of providing timely notices to individuals and, if required, hhS and the media.

www.wspactuaries.com | Email: info@wspactuaries.com

June 2013

The Self-Insurer

Workforce Training. The clock for sending breach notifi cations begins

Navigating through the Disease Management Maze American Health understands that evaluating Disease Management programs can be complex. Below are recommended questions to consider during the buying and decision-making process, and we have included our answers for you to compare in the marketplace.

Is your program flexible?

1 2

Certainly. You pay only for the pieces that you use. From custom scripts and private labeling, to integration with Case Management and other programs, our model is flexible to meet your needs. American Health’s Wellness and Disease Management Consultant will help develop a solution tailored to your population. Our program is delivered by American Health employees using our proprietary software system, providing maximum flexibility.

How do you define member engagement? American Health believes the only model for success is when a member directly engages with a Nurse Coach. While other companies may send a mailer and consider the member engaged, we know where those mailers usually end up.

How do you measure Disease Management outcomes?

3 4 5

The introduction of our Disease Management program has been demonstrated to reduce claims costs by an average of $4,480 per managed member per year. We’ve partnered with SCIO Health Analytics to develop an actuarially sound program measurement methodology that builds on the existing approach of the Care Continuum Alliance (CCA). Few programs will commit to a transparent cost savings methodology and calculation.

Will your program meet the health needs of my population? Yes. Many companies support only a few conditions. American Health focuses on eight conditions that have the highest prevalence in many populations. We address asthma, chronic pain, chronic obstructive pulmonary disease, congestive heart failure, coronary artery disease, diabetes, hyperlipidemia, hypertension and any comorbidities. In addition, we will have a chronic kidney program available in fall 2013.

How do participants rate your program? 96% of participants feel that American Health’s Disease Management program staff are a helpful resource to manage their chronic conditions. We regularly receive member feedback, and welcome the opportunity to share our results.

Call us to discuss our Disease Management model. Paul Lavin, President & CEO 215-280-5986

The Self-Insurer

| June 2013

to tick as soon as a breach is known (or, by exercising reasonable diligence, would have been known) to any workforce member or agent (other than the person committing the breach) of the covered entity. Covered entities and business associates will want to enhance training so that their employees are aware of the importance of timely reporting of privacy and security incidents, and of the consequences of failing to do so. Administrative Requirements – Revise Policies and Procedures, Training, Sanctions, Complaint Process. Covered entities must incorporate the requirements of the Final Breach rules into their policies and procedures, and workforce training sanctions for failure to comply must be developed, as well as a complaint process for failures to comply with these new policies and procedures. Covered entities and business associates should consult legal counsel to work through these steps to ensure that breach notification is provided when required. n Attorneys John R. Hickman, Ashley Gillihan, Johann Lee, and Carolyn Smith provide the answers in this column. Mr. Hickman is partner in charge of the Health Benefits Practice with Alston & Bird, LLP, an Atlanta, New York, Los Angeles, Charlotte and Washington, D.C. law firm. Ashley Gillihan, Carolyn Smith and Johann Lee are members of the Health Benefits Practice. Answers are provided as general guidance on the subjects covered in the question and are not provided as legal advice to the questioner’s situation. Any legal issues should be reviewed by your legal counsel to apply the law to the particular facts of your situation. Readers are encouraged to send questions by E-MAIL to Mr. Hickman at john.hickman@alston.com.

June 2013

The Self-Insurer

Department of Health and Human Services, “Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the Health Information Technology for Economic and Clinical Health Act and the Genetic Information Nondiscrimination Act; Other Modifications to the HIPAA Rules; Final Rule,” 78 Fed. Reg. 5566 (Jan. 25, 2013). 2 Department of Health and Human Services, “Breach Notification for Unsecured Protected Health Information,” 74 Fed. Reg. 42740 (August 24, 2009). 3 Generally, the privacy rules include subparts A and E of 45 CFR § 160 and 164; the Final Breach RuleFinal Breach Rules apply only to impermissible uses or disclosures under subpart E of 45 CFR § 164. 4 74 Federal Register 42740 (August 24, 2009). See www. hhs.gov/ocr/privacy/hipaa/faq/securityrule/2021.html (as of May 4, 2013). 5 45 C.F.R. § 164.514(b). 6 45 C.F.R. § 160.103. 7 45 CFR § 160.103. 8 45 CFR § 160.103. 9 74 Federal Register 42740 (August 24, 2009). See www. hhs.gov/ocr/privacy/hipaa/faq/securityrule/2021.html (as of May 4, 2013). 10 In addition, HHS has stated that, based on the circumstances of the impermissible use or disclosure, additional factors may need to be considered to appropriately assess the risk that the protected health information has been compromised. 11 45 CFR 160.103. 12 45 C.F.R. § 164.530(b), (d), (e), (g), (h), (i), and (j). 13 HHS has set forth specific content requirements (45 C.F.R. § 164.404(c)) and methods of notifying individuals (45 C.F.R. § 164.404(d)). 14 HHS has clarified that media notification is required if there are more than 500 affected individuals in one state or jurisdiction. A press release on the entity’s website is not sufficient to satisfy this requirement. However, entities are not required to incur any cost in notifying the media, and the media outlet is not required to run any information about the breach. 1

The Self-Insurer

| June 2013

Worksite Clinics

- The Next generation by Jonathan Spero, M.D, CEO, InHouse Physicians

June 2013

The Self-Insurer

recent survey from Mercer found that work site clinics are becoming an increasingly popular way to control health care spending and even enhance employee productivity.

vs. members who are not eligible to use the clinic (“control group”). This provides the employer with a direct comparison of the two groups’ costs and a direct measurement of the savings.

until recently, work site clinics were largely popular only at Fortune 500 companies, however the trend is now spreading to local governments and mid-size companies of 250 or more employees.

Before the clinic even is launched, the employer benefi ts from powerful analytic software tools that can fi lter through the previous year’s claims data to determine gaps in care for individuals and identify “high risk” members that require additional intervention. These high-risk members can be invited to visit the clinic and enroll in on-site programs designed to ensure quality care and improved outcomes.

generally, the care received at the clinic is free to the member and there is an added convenience factor for employees. Work site clinics to date have primarily experienced their return on investment for the employer by providing more effi cient care at the worksite clinic rather than paying claims from community physicians. however, the next generation of clinics are in the process of being rolled out and offers a more compelling value proposition and much greater associated healthcare savings.

Concept #3 Patient Centered Medical Home

Concept #2 Gaps In Care analysis

The clinicians at the worksite clinic can build a medical home model program. The medical home model understands that chronic diseases require input from multiple providers and specialists and are often diffi cult to manage for providers as well as the patient. The worksite clinician can act as a coordinator of care ensuring quality, cost effective, evidence based medicine is delivered. In addition to educating the patient on their condition, the “coordinator” communicates to all physicians involved in the care of the patient. This program acts as a very effective disease management program with member engagement levels routinely above 80%. The worksite clinic enrolls members who are at high risk based on the analysis of gaps in care mentioned above. Common diseases that are coordinated include diabetes, heart disease, asthma, arthritis, and chronic pain.

The rest of this article will focus on the key concepts of this next generation of worksite clinics and how they will drive signifi cant reductions in healthcare costs for employers.

Concept #1 at risk Model Worksite vendors are more increasingly willing to deliver these services with some portion of the compensation being at risk. The greater the savings to the employer, the greater the potential bonus for the vendor. In this model both the client and vendor have incentives that are congruent. how these vendors are measuring savings or return on investment varies. The most accurate way to determine the saving generated from the on-site clinic is to compare the annual cost of health care (pmpy) for members eligible to use the clinic (“study group”) SIIA-DisplayAd-2013-v4.indd 1

Can you measure the results of your wellness services? WE CAN! Let us show you how Call: 866-756-5434 E-mail: info@attunelife.com visit attunelife.com to learn more Attune Health Management, Inc. 3608 Preston Rd, Suite 220 Plano, Texas 75093

The Self-Insurer

3/1/2013 3:36:34 PM

| June 2013

Concept #4 Clinical engineering Traditionally employers have relied solely on the carriers to negotiate agreements with providers. however, these agreements are not necessarily in the best interest of the employer or the patient. Not only can more favorable pricing be negotiated from quality providers but also, the agreements have no quality guarantees associated with them. Worksite vendors have a unique opportunity to identify high cost procedures and hospitalizations and negotiate case rates directly with providers and hospitals with built in quality performance guarantees. Significant savings for employers and members as well as improved patient outcomes are the results of these arrangements.

Concept #5 Price transparency and Patient advocacy

We offer a fully integrated claim management solution combining medical expertise and health insurance knowledge.

Worksite clinicians, now armed with comprehensive pricing and quality metrics, can effectively act as patient advocates assisting members with making informed medial decisions. Patients, with the assistance of the worksite clinic, can comfortably choose a cost saving option for a diagnostic or clinical procedure knowing that they are receiving quality healthcare for the right price.

Medical Underwriting/Risk Assessments Utilization Management Disease Management PPACA Compliance Support

Case Management Claim Management Specialty Medical Reviews

Siobhan Sullivan Director of Business Development ssullivan@cpr-rm.com 786-457-2781

June 2013

The Self-Insurer

Concept #6 Predictive Modeling Worksite clinics have the ability to attach current member health risks to future costs allowing the clinics to develop targeted wellness programs that zero in on future cost drivers. In addition, the clinic can provide useful healthcare budget estimates to the employerâ&#x20AC;&#x2122;s benefits department when planning for next year.

lifestyle behaviors amongst members. Clinicians are being cross-trained as certified health coaches and up to 15% of the visits to the clinic are being utilized as purely health coaching sessions. In summary, employers are looking for employee health solutions that offer a one-stop shop for effective healthcare cost containment. The next generation of worksite clinics promises to offer just this. The on-site clinic builds trust and relationships with members, which facilitates engagement in wellness, disease management, and patient advocacy programs driving improved outcomes and lower costs. n

Concept #7 telemedicine The worksite clinic is often not available for remote employees and dependents. Telemedicine, quickly becoming a mainstream method of care delivery, can address this issue. Telemedicine, via telephonic and 2 way video communication, can allow patients to receive medical evaluation and treatment. Not only can this be offered to members that do not have access to the on-site clinic, but also members with access to the clinic have a resource for after hours care.

Concept #8 Wellness The clinic offers year round, on-site, integrated wellness programs that cannot only drive participation, but are very effective in modifying healthy

Jonathan Spero, MD, is CEO of InHouse Physicians and board certified in Internal Medicine. Dr. Spero is an expert in the field of targeted employee wellness programs with measureable ROIs. InHouse Physicians is a global employee health and wellness provider delivering innovative cost containment solutions to corporations around the world. InHouse. To learn more about InHouse Physicians visit their website at www.inhousephysicians. com or Dr. Spero can be reached at jspero@ihphysicians.com.

upcoming eVeNts 33rd annual National educational Conference & expo October 21-23, 2013 • Sheraton Chicago Hotel & Towers • Chicago, IL SIIA’s National educational Conference & expo is the world’s largest event dedicated exclusively to the selfinsurance/alternative risk transfer industry. registrants will enjoy a cutting-edge educational program combined with unique networking opportunities, and a world-class tradeshow of industry product and service providers guaranteed to provide exceptional value in four fastpaced, activity-packed days.

The Self-Insurer

| June 2013

rrGs report Financially stable results at year-end 2012 by Douglas A Powell, Senior Financial Analyst, Demotech. Inc. This article originally appeared in “Analysis of Risk Retention Groups – Year-End 2012”

n reviewing the reported financial results of risk retention groups (rrgs), one gets the impression that this is a group of insurers

with a great deal of financial stability. Based on year-end 2012 reported financial information, RRGs continue to collectively provide specialized coverage to their insureds. Over the past five years, RRGs have remained

Since rrgs are restricted to liability coverage, they tend to insure medical providers, product manufacturers, law enforcement officials and contractors, as well as other professional industries. While rrgs reported direct premium written in eleven lines of business in 2012, more than 50 percent of this premium was contained in the medical professional liability lines.

committed to maintaining adequate capital to handle losses. It is important

Balance sheet analysis

to note that ownership of an rrg is

Comparing the last five years of results, cash and invested assets, total admitted assets and policyholders’ surplus have all continued to increase at a faster rate than total liabilities (figure 1). The level of policyholders’ surplus

restricted to the policyholders of the rrg. This unique ownership structure required of rrgs may be a driving force in the strengthened capital position exhibited by rrgs.

June 2013

The Self-Insurer

becomes increasingly important in times of difficult economic conditions, as properly capitalized insurers can remain solvent while facing uncertain economic conditions. Since 2008, cash and invested assets increased 40.5 percent and total admitted assets increased 33.9 percent. More importantly, over a five year period from 2008 through 2012, rrgs collectively increased policyholders’ surplus 71.5 percent. This increase represents the addition of more than $1.4 billion to policyholders’ surplus. During this same time period, liabilities increased only 13.7 percent, slightly more than $500 million. These reported results indicate that rrgs

collectively are adequately capitalized and able to remain solvent if faced with adverse economic conditions or increased losses. liquidity, as measured by liabilities to cash and invested assets, for year-end 2012 was approximately 65.4 percent. A value less than 100 percent is considered favorable as it indicates that there was more than $1 of net liquid assets for each $1 of total liabilities. This also indicates an improvement for rrgs collectively as liquidity was reported at 69.5 percent at year-end 2011. Moreover, this ratio has improved steadily each of the last five years. loss and loss adjustment expense (lAe) reserves represent the total reserves for unpaid losses and unpaid lAe. This includes reserves for any incurred but not reported losses as well as supplemental reserves established by the company. The cash and invested assets to loss and lAe reserves ratio measures liquidity in terms of the carried reserves. The cash and invested assets to loss and lAe reserves ratio for year-end 2012 was 236.9 percent and indicates an improvement over 2011, as this ratio was 214 percent. These results indicate that rrgs remain conservative in terms of liquidity. In evaluating individual rrgs, Demotech, Inc. prefers companies to report leverage of less than 300 percent. leverage for all rrgs, as measured by total liabilities to policyholders’ surplus, for year-end 2012 was 123.3 percent. This indicates an improvement for rrgs collectively as leverage was reported at 138.4 percent at year-end 2011. The loss and lAe reserves to policyholders’ surplus ratio for year-end 2012 was 79.7 percent and indicates an improvement over 2011, as this ratio was 93 percent. The higher the ratio of loss reserves to surplus, the more an

insurer’s stability is dependent on having and maintaining reserve adequacy. In regards to rrgs collectively, the ratios pertaining to the balance sheet appear to be appropriate.

Sheet Metrics (In Billions) Figure 11Ð –RRG RRGBalance Balance Sheet Metrics (In Billions)

Premium Written analysis rrgs collectively reported $2.6 of billion direct premium written (DPW) at year-end 2012, an increase of nearly 5 percent over 2011. rrgs reported $1.3 billion of net premium written (NPW) at year-end 2012, an increase of 3.7 percent over 2011. These increases are favorable and reasonable. The DPW to policyholders’ surplus ratio for rrgs collectively for year-end 2012 was 74.3 percent and indicates an improvement over 2011, as this ratio was 78.1 percent. The NPW to policyholders’ surplus ratio for rrgs for year-end 2012 Figure 2 Ð RRG Income (In Millions) was 36.6 percent and indicates an improvement over 2011, as this ratio was 38.9 percent. An insurer’s DPW to surplus ratio is indicative of its policyholders’ surplus leverage on a direct basis, without consideration for the effect of reinsurance. An insurer’s NPW to surplus ratio is indicative of its policyholders’ surplus leverage on a net basis. An insurer relying heavily on reinsurance will have a large disparity in these two ratios. A DPW to surplus ratio in excess of 600 percent would subject an individual RRG to greater scrutiny during the financial review process. Likewise, a NPW to surplus ratio greater than 300 percent would subject an individual rrg to greater scrutiny. In certain cases, premium to surplus ratios in excess of those listed would be deemed appropriate if the rrg had demonstrated that a contributing factor to the higher ratio is relative improvement in rate adequacy. In regards to rrgs collectively, the ratios pertaining to premium written appear to be conservative.

Income statement analysis The profitability of RRG operations remains positive (figure 2). RRGs reported an aggregate underwriting gain for 2012 of nearly $181 million, an increase of 19.7

The Self-Insurer

| June 2013

Figure 2 – RRG Income (In Millions)

percent over the prior year, and a net investment gain of nearly $221 million, an increase of 6.7 percent over the prior year. rrgs collectively reported net income of over $324 million, an increase of 8.6 percent over the prior year. looking further back, rrgs have collectively reported an underwriting gain since 2004 and positive net income at each year-end since 1996. The loss ratio for rrgs collectively, as measured by losses and loss adjustment expenses incurred to net premiums earned, for year-end 2012 was approximately 55.7 percent and indicates an improvement over 2011, as the loss ratio was 59.6 percent.This ratio is a measure an insurer’s underlying profi tability on its book of business.

Figure 3 Ð RRG Ratios - Total

AssistAnce for stop Loss coverAge At BenefitMall, we know that some employer groups benefit most from treating their medical plan as an investment rather than an expense. Our self funded team of experts represents numerous direct writers of medical stop-loss. We pride ourselves on our buying power, services provided, and partnerships with our brokers Keycarriers. Ratios and Metrics Ð 12/31/12 Figure 4 Ð and We can help you succeed by offering you the following services: • Marketing • Billing & Premium Collection • Licensing, Commission & Bonus Programs • Claims Expedition • Compliance Services Benefit from our experience as the leader in stop-loss and reinsurance markets.

888-248-8952 www.benefitmall.com ©2013 BenefitMall. All rights reserved. BenefitMall, the circle “b” logo and the corporate logo are registered trademarks of Centerstone Insurance and Financial Services, Inc. California license #063979.

June 2013

The Self-Insurer

The expense ratio, as measured by other underwriting expenses incurred to net premiums written, for yearend 2012 was 28.8 percent and was comparable to 2011, as the expense ratio was reported at 28 percent. This ratio measurers an insurer’s operational effi ciency in underwriting its book of business. The combined ratio, loss ratio plus expense ratio, for year-end 2012 was 84.5 percent and indicates an improvement over 2011, as the combined ratio was reported at 87.6 percent. This ratio measures an insurer’s overall underwriting profi tability. A combined ratio of less than 100 percent indicates an underwriting profi t. regarding rrgs collectively, the ratios pertaining to income statement analysis appear to be appropriate. Moreover, these ratios have remained fairly stable each of the last fi ve years and well within a profi table range (fi gure 3).

Loss and Loss adjustment expense reserve analysis A key indicator of management’s commitment to fi nancial stability,

3 –Ratios RRG -Ratios Total – Total FigureFigure 3 Ð RRG

solvency and capital adequacy is their desire and ability to record adequate loss and loss adjustment expense reserves (loss reserves) on a consistent basis. Adequate loss reserves meet a higher standard than reasonable loss reserves. Demotech views adverse loss reserve development as an impediment to the acceptance of the reported value of current, and future, surplus and that any amount of adverse loss reserve development on a consistent basis is unacceptable. Consistent adverse loss development may be indicative of management’s inability or unwillingness to properly estimate ultimate incurred losses.

“Right Rate”

Figure 4 Ð Key Ratios and Metrics Ð 12/31/12

Medicare Pricing

We have the “Right Rate” option to fit your clients’ needs. • All Medicare Covered Claims* • All Out-of-Network Medicare Covered Claims • Specialty Claims (e.g. ESRD Dialysis) And we’ll negotiate/ reprice your clients’ claims for services not covered by Medicare. To learn more or to have us start repricing your clients’ claims, contact your H.H.C. Group Sales Representative or Bob Serber at 301-963-0762 ext. 163 – rserber@hhcgroup.com * Leveraged provider contracting available in selected markets

H.H.C. Group

Health Insurance Consultants

Figure 4 – Key Ratios and Metrics – 12/31/12

ACCREDITED INDEPENDENT REVIEW ORGANIZATION

rrgs collectively have reported adequate loss reserves at year-end 2012 as exhibited by the one-year and two-year loss development results. The loss development to policyholders’ surplus ratio measures reserve deficiency or redundancy in relation to policyholder surplus and the degree to which surplus was either overstated, exhibited by a percentage greater than zero, or understated, exhibited by a percentage less than zero. The one-year loss development to prior year’s policyholders’ surplus for 2012 was -7.2 percent and indicates an improvement over 2011, as this ratio was reported at -6 percent. The two-year loss development to second prior year-end policyholders’ surplus for 2012 was -12.2 percent and indicates a diminishment over 2011, as this ratio was reported at -14.1 percent. In regards to rrgs collectively, the ratios pertaining to loss reserve analysis appear to be favorable.

The Self-Insurer

| June 2013

analysis by Primary Lines of Business The financial ratios calculated based on the year-end results of the various primary lines of business appear to be reasonable (figure 4). Also, the RRGs have continued to report changes in DPW within a reasonable threshold (figure 5). It is typical for insurers’ financial ratios to fluctuate year over year. Moreover, none of the reported results are indicative of a continuing negative trend.

Figure Ð Direct Premium Lines (000’s of Business Figure 5 –5Direct Premium WrittenWritten by Lines ofby Business omitted) (000Õ

s omitted)

Jurisdictional analysis Much like insurers, it is typical for jurisdictions to compete for new business. Some of the factors that may impact an insurer’s decision to do business in a certain jurisdiction include minimum policyholders’ surplus requirements and the premium tax rate. rrgs have continued to report changes in DPW, on a jurisdictional basis, within a reasonable threshold.

Conclusions Based on 2012 results Despite political and economic uncertainty, RRGs remain financially stable and continue to provide specialized coverage to their insureds. The financial ratios calculated based on year-end results of rrgs appear to be reasonable, keeping in mind that it is typical for insurers’ financial ratios to fluctuate over time. The year-end results of rrgs indicate that these specialty insurers continue to exhibit financial stability. It is important to note again that while RRGs have reported net underwriting gains and net profits, they have also continued to maintain adequate loss reserves while increasing premium written year over year. rrgs continue to exhibit a great deal of financial stability. n Mr. Powell has nearly ten years of progressively responsible experience involving financial analysis and business consulting. Email your questions or comments to Mr. Powell at dpowell@demotech.com. For more information about Demotech, Inc. visit www.demotech.com.

Figure 6 Ð Direct Premium Written by State (000Õ s omitted)

June 2013

The Self-Insurer

We can’t stop misfortune. We can stop loss.

Becoming a top tier Stop Loss carrier doesn’t just happen. For 35 years, our dedication to creative solutions has made us the top choice for our clients. Not all Stop Loss carriers are created equal. Today’s businesses have unique needs that demand expert-level service. That’s been the foundation of our Stop Loss offering from the beginning. We know it’s not just the plan; it’s the team behind it. Your business is unlike any other. It’s time for a Stop Loss carrier that’s unlike any other, too.

For more information, contact your local ING sales representative or call us at 866-566-2316.

EMPLOYEE BENEFITS

Your future. Made easier.® Stop Loss insurance products are issued by ReliaStar Life Insurance Company (Minneapolis, MN) and ReliaStar Life Insurance Company of New York (Woodbury, NY). Within the state of New York, only ReliaStar Life Insurance Company of New York is admitted, and its products issued. Both are members of the ING family of companies. Product availability and specific provisions may vary by state. © 2011 ING North America Insurance Corporation. LG9841 12/28/2011

The Self-Insurer

| June 2013

ECHO ANSWERS

CORE Questions

Will you be compliant with key CORE requirements by January 2014? ECHO Health, Inc., the leading provider of payment solutions for healthcare Payers, can help. We have developed a unique, single consolidation and electronic delivery payment process that not only improves processing efficiency and lowers administrative costs, but also meets key CORE mandates. As your specialized service partner, ECHO solves CORE compliance and more by: Consolidating statements and funds into one Delivering electronic statements faster and regulation compliant Rewarding your bottom line with cost-saving services Let ECHO solve your CORE concerns today 440.835.3511

info@ECHOHealthInc.com www.ECHOHealthInc.com

June 2013

ECHO Health, Inc.

The Self-Insurer

868 Corporate Way

Westlake, OH 44145

Trusted Partners, Ensuring Your Success!

Successful employee benefit sales requires a team effort. As one of the nation’s l argest d irect w riters o f m edical stop-loss, IHCRS is a business partner you can count on.

Find us at www.ihcrisksolutions.com.

Policies underwritten by Standard Security Life Insurance Company of New York . IHCRS 5-13

The Self-Insurer

| June 2013

Get the Most Out of Your Healthcare Plans With Price Transparency Tools From FAIR Health Put FAIR Health’s claims database of over 15 billion billed procedures to work for you. Plan Management Tools & Data Analytics n

n n

Facilitate administration of out-of-net work claims Assess trends in your plan’s utilization of healthcare services over time and geography Compare claims experience to local and regional data Identify network gaps Uncover opportunities for wellness initiatives Customized Member Tools

n n

Demonstrate the value of plan participation Enable members to estimate out-of-network costs Reduce appeals and questions to HR staff Provide cost profiles for treatment of common conditions

FAIR Health is a national, independent not-for-profit corporation whose mission is to bring transparency to healthcare costs and insurance information.

855.301.FAIR 36

June 2013

info@fairhealth.org

The Self-Insurer

www.fairhealth.org

Try our new Mobile App

The Self-Insurer

| June 2013

EMPLOYMENT

LIABILITY and Other Taxable Claims

– how Taxes and Periodic Payments Can help get Them Settled by John McCulloch, JD, CSSC

June 2013

The Self-Insurer

ver since the Supreme Court decision in Commissioner v. Schleier,1 the vast majority of employment settlements have been deemed taxable. With few exceptions, attempts to get employment recoveries excluded from income have all met with failure. Most employment risk is either self-insured, or has a large self-insured retention limit, making the settlement of employment claims in a cost effective manner an important part of any risk managers job. By careful use of settlement planning in order to minimize tax loss, a self-insured can potentially settle employment claims for less while putting more money in a plaintiff ’s pocket. given the number of changes to the tax code and cases addressing tax issues within the last few years, and as tax rates are projected to increase, at some point in the settlement process the tax consequences of the damages should be examined. After all, a settlement that is fully taxable to the claimant results in fewer dollars than a claim that is tax deferred, partially taxable, or tax exempt. even a simple allocation between wages and non-wages can make a significant difference in how much a claim settles for. even beyond that, the ability to use structured settlements (periodic payments) to lower the amount the claimant loses to taxes can achieve a better bottom line outcome and get claims settled for a reasonable amount. Section 104 of the Internal revenue Code excludes from gross income compensation for personal physical injuries or sickness. under this section, personal injury awards were not includable in gross income. The Small Business Job Protection Act of 1996 (the “Act”), signed into law on August 20, 1996, was aimed at employment claims

and restricted the scope of Section 104 to physical, as opposed to personal, injuries. The Act also singles out emotional distress damages, providing that they are not considered a physical injury or sickness, even those emotional distress injuries that result in physical symptoms, such as headaches and ulcers, firmly closing the door on the possibility that purely emotional or mental injuries that do not originate in a physical injury be excluded from taxation. The IrS has had occasion to rule at least once on what constitutes a physical injury in the context of an employment claim since the Act was passed. In Plr 200041022, the Service held that in a sexual harassment case only damages that resulted in an “observable physical harm” would receive tax exempt treatment under Section104. All other damages from the harassment claim were held to be includable in gross income. While there have been dozens of cases in Tax Court trying to exclude emotional distress or its manifestations (ulcers, migraines, bruxism, etc.) they have all failed. There are some exceptions. One often overlooked provision is the exclusion for medical expenses as defined under Section 213(d) of the Code. In the employment context, one case in particular we worked on had extensive psychiatric care stemming from a sexual molestation. Psychiatric and mental health care falls under Section 213(d) of the Code and was found to be excludable. Another potential exception is when a hostile work environment causes an exacerbation of an existing physical injury. In Parkinson v. Commissioner2 a taxpayer worked long hours under stressful conditions as the chief supervisor of a medical center and suffered a heart attack while at work and had to reduce his work week

and ultimately took medical leave and never returned. He filed suit in federal district court under the Americans With Disabilities Act, claiming the medical center failed to accommodate his severe coronary artery disease. The case settled for $350,000, which the IrS found to be taxable. The Tax Court disagreed, finding that the workplace environment that triggered heart attacks resulted in half of the settlement being tax exempt. Similarly, in Domeny v. Commissioner,3 the Tax Court found that an employment settlement which compensated the taxpayer, in part, for the worsening of her multiple sclerosis, was excludable from income as well. given that employment related recoveries are generally taxable, the question becomes how do the negative tax ramifications of a settlement help a claims handler? The answer in many cases is settling the case with a structured settlement or periodic payment plan as opposed to a lump sum. As a general rule it is most often advantageous to receive and be taxed on income in a later tax year rather than an earlier tax year. It makes far more sense to defer recognition of income, than to receive large sums of money at once and pay taxes at a higher rate immediately. For example, the tax consequences of a $500,000 recovery spread into ten equal installments over ten years is substantially less than the tax consequences on the payment if it is all received and taxed in one year. The concept of deferred income recognition has been around for decades with deferred compensation agreements for highly compensated executives. By dealing with the taxation issues through a structured settlement consultant, the claims handler can negotiate for periodic payments that

The Self-Insurer

| June 2013

result in a much better outcome from an income tax perspective for the claimant. A structured settlement consultant versed in taxable damage issues can help the claimant avoid certain pitfalls like constructive receipt and improper allocation. Making the claimant aware of these issues, and how deferring the taxation of all or part of the award can be done through a structured settlement, enables the claim to be resolved sooner. For example, let’s say the demand to settle a harassment claim in California is

June 2013

The Self-Insurer

$400,000 (not including attorney fees). Without adjusting the tax liability for deductions and credits, the Federal tax liability would be 35% and the state tax liability 9.3% if the claimant were to receive the $400,000 in a lump sum, losing over $177,000 to taxes immediately. Instead of a lump sum, let’s say the defense offered to pay him $40,000/year for 10 years, at a cost of $360,000. By spreading payments out over a ten-year period, the claimant will lower their tax bracket to 25% Federal and 6% state, all while earning money on the 44.3% that would have been lost to taxes. It is this deferral that allows for higher net dollars to the claimant than an equivalent amount paid in cash. Plainly stated, by using periodic payments, a defendant can pay less but a claimant will get more. The tax consequences of a settlement or judgment should be

considered in every taxable case (not just employment litigation) of signifi cant size. The tax characterization can have a dramatic effect to the parties involved in litigation. From a practical standpoint, the failure to consider the tax consequences of a damage award by counsel can result in a legal malpractice claim.4 It is vitally important to examine the tax ramifi cations of a recovery in the employment context and explore viable alternatives to improve

Would you navigate uncharted waters without a compass?

the client’s tax situation. The use of structured settlements for taxable damages allows the claimant to achieve a better bottom line outcome by taking advantage of deferred recognition of income and tax deferred growth. Structured settlement consultants who specialize in taxable settlements are a free resource available to any claims handler or risk manager and can help make a signifi cant fi nancial difference when settling employment and other taxable claims. n John McCulloch is the vice president of Advanced Marketing for Integrated Financial Settlements and a settlement consultant with EPS Settlements Group. His expertise is in the taxation of damages and he has obtained two rulings from the IRS on using periodic payments to settle claims. His office is located at 36 W

As a leader in Group Captives, Berkley Accident and Health can steer you in the right direction. With EmCapSM, our innovative Group Captive solution, we can help guide midsize employers to greater stability, transparency, and control with their employee benefits. With Berkley Accident and Health, LLC, protecting your self-funded plan can be smooth sailing.

Randolph St., Suite 400, Chicago, IL 60601. He can be reached at 630-864-8420 or by email at jmcculloch@structures.com Commissioner v. Schleier, 515 u.S. 323, 132 l. ed. 2d 294, 115 S. Ct. 2159, 95-1 u.S. Tax Cas. (CCh) ¶952675, 95 T.N.T. 116-8 (1995).

T.C. Memo. 2010-142, Doc 2010-14364, 2010 TNT 124-12

T.C. Memo. 2010-9, Doc 2010-787, 2010 TNT 9-9

grillo v. henry, Cause No. 96-167943-97; grillo v. Pettiette, Cause No. 96-144090-92; Jalali v. root, Cal.App. 4 Dist., 2003; graham v. harlin, Parker & rudolff 664 S.W.2d 945 (Ky. Ct. App. 1983); Philips v. giles, 620 S.W. 2d 750 (Tex. Ct. Civ. App. 1981).

Stop Loss | Group Captives | Managed Care | Specialty Accident Berkley Accident and Health, LLC is the U.S.-based accident and health operating entity of the W.R. Berkley Corporation Member Companies. Coverages are underwritten by StarNet Insurance Company and/or Berkley Life and Health Insurance Company, both member companies of W.R. Berkley Corporation, and both A+ rated by A.M. Best. © 2012 Berkley Accident and Health, LLC

BAH AD-20120102

www.BerkleyAH.com

The Self-Insurer

| June 2013

the Changing regulatory Landscape for stop Loss Insurance by Fred E. Karlinsky, Richard J. Fidei and Erin T. Siska

EDITORIAL NOTE: Commentary offered by the authors does not necessarily represent the views of SIIA.

ecent developments at the federal and state levels of government, taken together, portend changes in the regulation of stop loss insurance, which could lead more and more small and mid-size firms to self-insure than ever before. Although neither state nor federal officials keep comprehensive statistics on self-insurance, it appears to be growing in popularity as a feasible option. A recent study by the employee Benefits Research institute indicates that nearly 60% of private sector workers were in self-insured health plans in 2011, up from approximately 40% in 1998 and 1999.

June 2013

The Self-Insurer

Background Although stop loss insurance is not addressed in the Patient Protection and Affordable Care Act of 2010 (the “Affordable Care Act or “ACA”), the National Association of Insurance Commissioners (“NAIC”) recently reviewed proposed action with regard to the regulation of stop loss insurance. The NAIC adopted a Stop loss Insurance Model Act (#92) (the “Model Act”) in 1995, which was amended in 1999 to clarify that the law applied only to insurers and did not impose obligations on employer benefit plans directly. In essence, the Model Act provides certain minimum standards for stop loss insurance coverage. Specifically, it prohibits an insurer from issuing a stop loss insurance policy that has an annual attachment point for claims incurred per individual which is lower than $20,000; has an annual aggregate attachment point (for groups of fifty or fewer) that is lower than the greater of: 1. $4,000 times the number of group members 2. 120 percent of expected claims or 3. $20,000; has an annual aggregate attachment point for groups of fifty or more that is lower than 120 percent of expected claims; or provides direct coverage of health care expenses for an individual. These minimum standards ensure that the plan sponsor

retains some of the risk in providing health benefits to its employees, rather than transferring all or most of the risk to a stop loss insurer. The Model Act was only adopted in its entirety by three states (Minnesota, New hampshire, and vermont). Other states have adopted certain parts of the Model law only, or have chosen to regulate stop loss insurance through other ways. For example, New York and Oregon have banned stop-loss insurance for any firms with fewer than fifty workers. Many other states have standards similar to those in the Model Act, but allow attachment points below $20,000. So much time has passed since 1995 that the intended effect of the standards in the original Model Act has been minimized in today’s medical care environment. The obsolescence of the 1995 NAIC standards means, as a practical matter, that self-insured plans bear less relative risk, even in the few states where the Model Act was adopted. Accordingly, today, self-insured products with stop loss insurance or reinsurance that are marketed to small firms closely resemble highdeductible fully-insured plans, but are not subject to many state insurance regulations applicable to fully-insured plans pursuant to the federal employee retirement Income Security Act of 1974 (“erISA”). erISA states that multistate employers that offer a selfinsured plan are not required to cover health care services for state-mandated benefits, as fully-insured plans are. Additionally, certain provisions of the Affordable Care Act are also presumably incentivizing small employers to selfinsure rather than to participate in the state-based insurance exchanges.

Federal developments While it is well settled that erISA insulates multistate employee benefit

plans from state regulation, the Affordable Care Act does not define what a self-insured plan is. Absent a definition, there is no clear legislative guidance in ACA as to what a selfinsured plan is. More clear, however, is which parts of ACA do not apply to self-insured plans. First and foremost, self-insured plans are not subject to ACA’s essential benefit requirement, otherwise known as the “employer mandate,” which requires employers to provide certain essential health insurance coverages to their employees. These essential benefits include health services such as maternity, mental health, and prescription drug benefits. In addition, self-insured plans are not subject to ACA’s risk adjustment or risk pooling requirements. Accordingly, a self-insured plan can price its small group coverage to reflect the group’s claims history or medical status or by age, gender, or other factors. In contrast, fully-insured plans, under ACA, can only vary premiums by the average age of the employees, the presence of a wellness program, and tobacco use. Additionally, self-insured plans are not required to pay the annual fee that insurers are required to pay on fullyinsured products pursuant to Section 1343 of ACA. however, self-insured plans are required to contribute to the transitional reinsurance program from 2014 through 2016 created by Section 1341 of ACA, and confirmed in Final rules promulgated by the Department of health and human Services in March 2013. It bears noting that ACA only applies to employers with 50 or more employees. Smaller organizations, with 49 or fewer employees, do not need to comply with these new Affordable Care Act requirements, regardless of whether they are self-insured or not.

developments at the state Level In July 2012, the NAIC’s erISA (B) Working group circulated a set of draft guideline amendments to the Model Act, as amended, which would have essentially tripled the recommended stop loss insurance attachment minimums adopted in 1995. The new standards had been developed by the NAIC’s health Actuarial Task Force and were intended to update the 1995 standards to reflect today’s economic realities. Those speaking in favor of the updated standards at the NAIC’s Fall 2012 meeting argued that they would maintain a level playing field and establish reasonable expectations on stop loss insurance attachment points. They also said the updated standards would be important because they provide an alternative path for statebased regulation of health insurance, most of which is preempted by erISA. They asserted that if stop loss attachment points are unregulated, a high percentage of small groups are likely to self-insure, which would raise premiums noticeably in the small group market. On the other hand, if the recommended higher attachment points were to be adopted, that risk disappears. Opponents argued that the Model law is largely irrelevant since it has been adopted in so few states. They also opposed the updated standards on the basis that they would close doors to options for small employers who are already facing tough choices; that the new standards were not actuarially sound; that they were unnecessary; and that an increase in self-insurance by small groups would not result in adverse selection against fully-insured plans or the insurance exchanges. rather, it was suggested that selfinsured plans were meant to operate alongside fully-insured plans.

The Self-Insurer

| June 2013

The adverse selection argument advanced by supporters of, higher self insurance attachment points is based on the projection that if the current attachment points remain at their existing levels, employers with young and healthy employees will selfinsure until they encounter unexpected losses, at which time they will quickly switch to a public insurance exchange. however, others argue that even though young people do not usually have some of the health conditions that older populations have, young people still have family medical histories, pre-existing conditions, and are more prone to accidents and to take maternity leave. In addition, some advocate that there are substantial administrative costs associated with switching from one type of health plan to another, making it less likely for all but the smallest employers to switch back and forth from one plan to another. ultimately, the NAIC’s proposed updates narrowly failed to pass at the NAIC’s November 2012 meeting. At the NAIC’s Spring 2013 meeting, the erISA Working group announced that it is working on a white paper to further explore the potential impact of regulation of small employer self-insurance on the small group market beginning in 2014. In addition to the NAIC Model Act activity on stop loss insurance, there has been a recent flurry of proposed state legislation designed to regulate stop-loss insurance. In California, Senate Bill 161, if it passes, will lower the attachment points

June 2013

The Self-Insurer

currently set forth in California law for all stop loss insurance policies issued on or after January 1, 2014. It would change the individual attachment point from $95,000 to $65,000. The aggregate attachment point would need to be the greater of one of the following: 1. $13,000 times the total number of covered employees (down from $19,000 times the total number of covered employees) 2. One hundred twenty percent of expected claims; or 3. $65,000 (down from $95,000). This bill was still making its way through the legislative process as of press time. A bill passed in Colorado would require stop loss insurers to make

annual filings with the Colorado Commissioner of Insurance with information including the following: 1. Total number and average group size of stop loss health insurance policies sold to employer groups with the following numbers of employees: less than 10; 11-25; 26-50; 50-100; or the number of lives covered in Colorado for each of these specified group sizes. 2. The mean and median attachment points by these specified group sizes. 3. The source of prior coverage for these specified group sizes. 4. The smallest group size covered and insurer minimum group size requirements.

The Colorado Commissioner would collect such data for the year s20132018 and make the information publicly available. Stop loss insurers would also be required to file an actuarial certification annually. The bill would create an individual attachment point of $30,000 (just $10,000 more than the current Model Act standard but half of the proposed new NAIC standard). It would also impose an aggregate attachment point that is the greater of (1) $4,000 times the number of group members; (2) 120 percent of expected claims; or (3) $30,000. The Insurance Commissioner would be allowed to change these dollar amounts, by rule, based upon changes to the Consumer Price Index for the Denver metropolitan area. The

bill has passed in the Colorado house of representatives and the Colorado Senate but has not yet been signed into law by the governor. utah’s Small employer Stop-loss Insurer Act, which was enacted earlier this year, applies only to groups with 50 or fewer employees and sets the attachment point at $10,000. It also contains a provision requiring stop-loss insurers to pay claims incurred but not reported if the plan terminates. The new legislation also prohibits lasering, the practice of setting higher specific deductibles for plan members with preexisting conditions. In rhode Island, if hB 5459 is enacted, the attachment points would be set at $20,000 for an individual or 120% of expected claims in the

We Don’t Just Talk About Successful Teams: We Build Them Teamwork is the foundation of any success story. With the right partner, collaboration and support, you can achieve lasting results. When you team up with Meritain Health, you gain the experience of our 30 plus years in the healthcare benefits industry, for a partnership you can rely on. For more information, contact us today.

1.800.242.6226

www.meritain.com

© 2013. For self-funded accounts, benefits coverage is offered by your employer, with administrative services only provided by Meritain Health, an independent subsidiary of Aetna Life Insurance Company. 2013006

The Self-Insurer

| June 2013

aggregate. It would also require stop loss insurers to file an annual actuarial certification as to their compliance with the law. The Minnesota legislature also considered restricting the availability of stop loss insurance in their state, but decided not to take any action during this year’s legislative session. Similarly, the New Jersey Department of Banking and Insurance had also considered proposed regulations in recent years, but decided not to move forward.

and financing, vendor relationships and a complete array of regulatory issues including licensure applications, compliance, expansion, solvency, rate and form filings, and financial and market conduct examinations. He also serves as an Adjunct Professor of Law at the Florida State University College of Law, where he teaches a course he helped to create, entitled “Insurance Law & Economics: Theory & Applications. Rich Fidei, a Shareholder in Colodny, Fass, Talenfeld, Karlinsky, Abate & Webb, leads the Firm’s Insurance Regulatory Law Division. A member of the Florida and Pennsylvania Bars, he represents insurance companies, reinsurers, health maintenance organizations, managing general agencies, brokers, premium finance companies, third-party administrators, claims companies, and other insurance-related entities in connection with regulatory, compliance, administrative, and transactional issues. An experienced legal instructor and lecturer, Mr. Fidei prepares and delivers insurance and reinsurance presentations nationwide.

Conclusion The maintenance of the status quo vis-à-vis stop loss insurance at the NAIC level, combined with new proposed state laws that either lower current attachment point levels, or establish them at nominal amounts, and the ACA incentivizing self-insurance but not regulating it, portends the trend of less regulation of stop loss insurance. Of course, we will need to wait and see what the final impact is on the small group health insurance market when many of the ACA provisions become effective on January 1, 2014. n

Erin T. Siska, an Associate in Colodny, Fass, Talenfeld, Karlinsky, Abate & Webb’s Insurance Regulatory Law and Corporate Transaction Divisions, has significant nationwide experience in insurance company licensing, compliance and regulation issues. On a multi-state basis, she works with insurers, reinsurers, resident and non-resident agencies, managing general agencies, third-party administrators, workers’ compensation carriers, surplus lines insurers and premium finance companies, among other regulated entities, to handle a broad array of matters such as market expansion and withdrawal, Form A filings, responses to market conduct and financial examinations, and other insurance regulatory matters.

Fred Karlinsky, a Shareholder in Colodny, Fass, Talenfeld, Karlinsky, Abate & Webb, has a national reputation representing insurers and reinsurers throughout the United States and internationally in a wide variety of business, operational, regulatory, transactional and governmental matters. Recognized as one of the top insurance lawyers by Chambers and Partners, a global attorney ranking organization, Mr. Karlinsky has an in-depth knowledge of insurance compliance matters. He has established substantial relationships with insurance commissioners and their respective staff members throughout the country. On a 50-state basis, Mr. Karlinsky advises clients on operational issues including start-up activities, structuring

June 2013

The Self-Insurer

Mind over risk.

The secret weapon of businesses that dare to venture.

For firms with self-funded health plans, the potential risk of a catastrophic loss can shatter an enterprise. For nearly 35 years, HCC Life has been providing medical stop loss products — allowing our clients to take on opportunity with confidence. Our experience, underwriting talent and industry-leading financial ratings prove our strength, stability and commitment to our clients. We call it Mind over risk.

HCC Life Insurance Company hcc.com/life

For more information, visit us online at hcc.com/life. A subsidiary of HCC Insurance Holdings, Inc.

msl2162 - 03/13

The Self-Insurer

| June 2013

SIIA PreSIDeNT’S MeSSAge Les Boughner

Getting ready to “Outsmart” reform

f you are reading this, chances are that you have received information by now about the upcoming SIIA National Conference & expo, scheduled for October 21-13, 2013 in Chicago. I will certainly be there and hope you will be, too.

With the implementation of the ACA in 2014, it is no coincidence that the conference features numerous educational sessions designed to help employers and their business employers prepare and thrive in the new regulatory environment. Our theme “Outsmarting reform” was chosen to create a challenge for participants to not only implement ACA’s requirements, but do so creatively. Companies involved in the self-insurance/alternative risk transfer marketplace have historically been highly entrepreneurial and this trend has only accelerated in the run-up to full ACA implementation in 2014. SIIA members in particular have been in high gear rolling out new products, services and health plan management and fi nancial risk transfer strategies that will help the self-insurance marketplace grow in the years to come. While there are certainly obstacles ahead, SIIA is focused on helping its members and conference attendees outsmart the challenges inherent with major change. Of course, there is no substitute for being there so make plans to be at SIIA’s National Conference if you have not already done so. Complete event information can be accessed at www.siia.org, or by calling 800/851-7789 I look forward to seeing you in Chicago. n

June 2013

The Self-Insurer

Excess Employers’ Liability For Single Entities, Groups & Public Entities

Provided by an A.M. Best “A” (Excellent) XIV Rated Carrier Excess Capacity

Self Insured Groups

• $5,000,000

Prefer stable & established (4 or more years), homogenous groups with common effective date. Claims and/or Underwriting Audit may be required

Minimum Retention • $100,000 • Lower retentions may be considered

Preferred Business Classes: • Healthcare

• Schools

• Religious Institutions

• Contractors

• Utilities

• Auto Dealers

• Agricultural

• Hospitality

• Specialty Artisans

• Manufacturing

• Public Entities

• Retail / Wholesale

• Transportation

• Financial Institution

Jake Harris, Vice President of Marketing 610.828.3847

ExcessEL@midman.com midlandsmgt.com

The Self-Insurer

| June 2013

SIIA would like to recognize our leadership and welcome new members Full SIIA Committee listings can be found at www.siia.org

2013 Board of directors

Committee Chairs

ChAIrMAN OF The BOArD* John T. Jones, Partner Moulton Bellingham PC Billings, MT

ChAIrMAN, AlTerNATIve rISK TrANSFer COMMITTee Andrew Cavenagh President Pareto Captive Services, llC Conshohocken, PA

PreSIDeNT* les Boughner executive vP & Managing Director Willis North American Captive + Consulting Practice Burlington, vT vICe PreSIDeNT OPerATIONS* Donald K. Drelich, Chairman & CeO D.W. van Dyke & Co. Wilton, CT vICe PreSIDeNT FINANCe/ChIeF FINANCIAl OFFICer/COrPOrATe SeCreTArY* Steven J. link executive vice President Midwest employers Casualty Company Chesterfi eld, MO

directors ernie A. Clevenger, President Carehere, llC Brentwood, TN ronald K. Dewsnup President & general Manager Allegiance Benefi t Plan Management, Inc. Missoula, MT

ChAIrMAN, gOverNMeNT relATIONS COMMITTee Horace Garfi eld vice President Transamerica Employee Benefi ts louisville, KY ChAIrWOMAN, heAlTh CAre COMMITTee elizabeth Midtlien Senior vice President, Sales Starline uSA, llC Minneapolis, MN ChAIrMAN, INTerNATIONAl COMMITTee greg Arms Co-Leader Mercer Marsh Benefi ts global leader, employee health & Benefi ts Practice Marsh, Inc. New York, NY

SIIA New Members regular Members Company Name/ Voting representative Mike harrington, Principal, Axia Strategies, Savage, MN raul Moreno, Director of Business Dev., FIT for WOrK, llC, Schertz, TX John Kelly, Managing Partner, hanover Stone Partners, llC, New York, NY raymond Ankner, President, rMC Consultants, Naples, Fl

employer Members eric Wiant, executive Director, Adams County BOCeS Self-Insurance Pool, Westminster, CO

ChAIrMAN, WOrKerS’ COMPeNSATION COMMITTee Duke Niedringhaus vice President J.W. Terrill, Inc. St louis, MO

elizabeth D. Mariner executive vice President re-Solutions, llC Wellington, Fl Jay ritchie Senior vice President hCC life Insurance Company Kennesaw, gA

| Self-Insurer The Self-Insurer June 2013 | The

Confidence to thrive in ever-changing conditions

Grow with proven insights in risk management. Success comes from nurturing what’s possible. It takes a balanced approach to risk management, along with confidence to act on the guidance from trusted partners with demonstrated expertise. Your clients rely on you. And at HM Insurance Group, we help you deliver. As a national leader in Stop Loss, HM helps you achieve results through smart innovations and decades of experience in the growing field of self-funding. Grow with confidence. Find out if self-funding with HM Stop Loss makes sense for your growth-focused clients at hmig.com/confidence/7 HM PRODUCT PORTFOLIO:

STOP LOSS

WORKERS’ COMPENSATION | CRITICAL ILLNESS | ACCIDENT | DISABILITY INCOME | TERM LIFE

MTG-2492 (3/13)

The Self-Insurer

| June 2013

June 2013

The Self-Insurer