ML BeneBits

EXAMINING A RANGE OF EMPLOYEE BENEFITS
AND EXECUTIVE COMPENSATION ISSUES
The US Department of Labor (DOL) issued a press release on September 6, 2024 reminding ERISA plan fiduciaries that it considers cybersecurity to be an area of “great concern” and emphasizing that it continues to investigate potential cybersecurity-related ERISA violations. The press release accompanied guidance updating the DOL’s 2021 cybersecurity subregulatory guidance and, most significantly, clarifying that the 2024 updates apply to all types of ERISA plans, including health and welfare plans. In our view, this clarification now aligns the DOL’s cybersecurity guidance with the position it has taken in investigations and public statements.
The US Department of Health and Human Services (HHS) recently issued final regulations implementing Section 1557 of the Patient Protection and Affordable Care Act, which will restore and expand the scope of civil rights protections for patients.
The US Department of Health and Human Services, Office for Civil Rights (OCR) published its Final Rule titled HIPAA Privacy Rule to Support Reproductive Health Care Privacy in the Federal Register on April 26, 2024.
Fiduciary committees have long been established in connection with retirement plans to manage the investment, legal compliance, and operational risks that can arise under the Employee Retirement Income Security Act of 1974, as amended (ERISA). Since the enactment of the Patient Protection and Affordable Care Act (ACA) and, more recently, the Consolidated Appropriations Act, 2021 (CAA), welfare plan fiduciaries continue to take on increasing compliance responsibilities. Given the increased legal complexity of welfare plan administration, it may be time to consider establishing an administrative committee to help mitigate the various risks involved with managing a welfare plan.
The letter of intent has been executed. The due diligence is done. The purchase agreement is signed. The money has been wired. The deal has closed. You’re done—back to business as usual! Think again. For the folks responsible for employee benefits matters, whether it be the CEO, CFO, comptroller, or human resources team, the real work after a merger or acquisition may be just beginning.
The Consolidated Appropriations Act, 2021 (CAA), requires group health plans and insurers to annually attest that they are in compliance with the gag clause prohibition under the CAA. The first attestation is due no later than December 31, 2023 and covers the period from the date of the enactment of the CAA on December 27, 2020 through the date of the attestation. Future attestations will be due each subsequent December 31 and will cover the period since the last attestation was completed.
Based on new ERISA disclosure rules, now is a good time to review the compensation paid to your health plan’s consultant and broker. ERISA Section 408(b)(2)(B) requires brokers and consultants expecting $1,000 or more in direct and indirect compensation for services provided to group health plans to make detailed disclosures to the “responsible plan fiduciary” regarding their services and compensation.
The COVID-19 public health emergency and presidential declaration of national emergency are intended to end on May 11 and the US government recently issued guidance on unwinding these emergency declarations.
The Employee Benefits Security Administration (EBSA) of the US Department of Labor (DOL) has continued to be active in civil and criminal enforcement investigations of ERISA’s fiduciary duties. This blog post details two recent updates concerning the DOL’s ERISA enforcement program.