Diving into the New Requirements of Benefit Reporting, Part 1
by Dorothy M. Cociu, RHU, REBC, GBA, RPA, LPRT
President, Advanced Benefit Consulting & Insurance Services
Fullerton, California
Do you think it’s ever going to get any easier to comply with all of the current regulations for employer-sponsored health plans? In a recent survey of my employer clients, the answer was a resounding “NO!” Although I’ve prepared them for it for over 18 months, after first reporting it in late 2020, now that the deadlines have arrived or are about to, I watch their eyes glaze over when I do seminars and I ponder the no response when I ask the audience a question on several of these items.
All I can say to make you feel better is to remember what it was like when we first learned about the ACA rules. It seemed impossible then but, as time went on, it got easier, and we began to accept it and understand it.
Now, we’re doing the same thing with the myriad new regulations related to the Transparency in Coverage Shoppable Services Online Self-Service Tool, TiC Machine Readable Files, the CAA’s No Surprises Act and the CAA RX Benefit Reporting. If it makes you feel any better, I promise you that by mid-2023, it will probably all fall into place, and your eyes will reflect knowledge instead of pure confusion. At least, that is my hope!
Published in the Jan-Feb 2023 issue of America’s Benefit Specialist
BACKGROUND INFORMATION
As required in the Affordable Care Act, the Transparency in Coverage final rules (TiC) were issued on November ‘2, 2020. Not long after, the Consolidated Appropriations Act (CAA) was signed into law on December 27. It included the “No Surprises Act” (Title ‘ of Div. BB) and “Transparency” (Title II of Div. BB). On August 20, 202’, FAQs were issued (Part 49), which included new effective dates for some, but not all, of the TiC and CAA provisions.
The TiC final rule included requirements for machine-read- able files to be publicly disclosed, as well as an online self-service tool. The MRF public disclosure is defined as a digital representation of data or information in a file that can be imported or read into a computer system for further processing. Examples include .XML, .JSON and .CVS formats. As the title alludes to, MRFs are not intended for just any- one, such as a plan participant, to read. They of course can, as they are publicly posted, but they focus instead on being available for machines, or computer systems, to understand and decipher, and to use to provide overall data for future public disclosure in many forms. The data allows computer programs and systems to break it down and study the data for multiple disclosure purposes.
These laws have been considered among the most confusing and most difficult for our employer clients, so I wanted to write a detailed article to break it all down for you. Even Marilyn Monahan, benefits and insurance attorney, thinks it’s been confusing for employers. “Part of the good news here is that we do have more guidance available to us now, on both the TiC MRFs and the RX reporting,” she said.
TIC REQUIREMENTS FOR MRFS
The TiC requires plans and insurance issuers to publicly post two MRFs: In-Network Provider Rates for Covered Items and Services, and Out-of-Network (OON) Allowed Amounts for Covered Items and Services. For in-network items and services, the MRF must list, for each coverage option, negotiated rates for all covered items or services between the plan or issuer and the in-network providers. The Out-of-Network MRF must show, for each coverage option, both the historical payments to and the billed charges f rom out-of-network providers. This list will include the unique OON allowed amounts and billed charges for covered items and services furnished by OON providers during the 90-day period that begins ’80 days prior to the publication date of the MRF. Historical payments for a particular item or service and provider under a single plan or coverage must have a minimum of 20 entries or data is omitted to protect consumer privacy.
These first two MRFs were done to be posted by July ‘, 2022, for plan years on or after January ‘, 2022, by July ‘, 2022, so all renewal dates January through July had to be posted by July ‘, 2022, and for each renewal date after July ‘, they were required to be posted by that renewal date (i.e., August ‘ renewals by August ‘, 2022, September ‘ renewals by September ‘, 2022, and so forth).
“The responsibility of the employer,” stated Monahan, “is to make certain that the third parties that it works with will populate and post these MRFs.”
There was a requirement for a MRF for covered prescription drug prices, but that requirement was delayed indefinitely because of the CAA’s RX reporting requirements, which I’ll talk about later. They felt the TiC provisions would be duplicative of much of the CAA requirements.
The first two MRFs are required to be publicly available and accessible to any person, f ree of charge and without conditions, such as establishment of a user account, password or other credentials, or submission of any personally identifiable information to access the file. In other words, it must be publicly posted for anyone who wishes to see the data by simply clicking on the data links. The files must be updated monthly and clearly indicate the date of the update.
It is important to note that the MRF provision of the TiC does NOT apply to grandfathered health plans under the ACA, and does not apply to excepted benefits such as limited-scope dental and vision plans, or account-based group health plans such as HRAs or Health FSAs.
The MRFs are not required to be user-f riendly. Federal departments expect the data to be used by aggregators and researchers, who will apply the data to many future statistical and public disclosure reporting analytics.
Additional disclosures may include “data dictionaries,” dis- claimers and clarifications, such as explaining why the cost of care may vary f rom hospital to hospital or region to region. Some health insurance carriers have been adding language about the size and the use of the files as well.
One important requirement to be aware of is that all plan sponsor employers, whether fully insured or self-funded, are required to enter into a written agreement with the vendors providing them with the data, as well as posting the MRFs and links.
For fully insured health plans, the plan will satisfy the MRF mandate if the plan requires the health plan insurance issuer offering the coverage (i.e., the insurance carrier) to provide the information pursuant to a written agreement. Then, if the issuer fails to provide the information, “the issuer, but not the plan, violates the transparency disclosure requirements.”
For self-funded health plans, the plan may satisfy the MRF mandate if it enters into a written agreement under which another party (such as a TPA, healthcare claims clearing house, or administrative services only entity) will provide the information. However, if the third party fails to provide the information, “the plan…violates the transparency disclosure requirements.” The form of the agreement is not defined, but it’s vitally important, particularly to self-funded health plans, that they review the full agreement to ensure it pro- vides the protections of the plan and the employer needs, as well as transfers the liability to the third-party vendor that will be providing the data.
“The other main requirement for employers, whether fully insured or self-funded, is the written agreement,” said Monahan. “Employers don’t have access to the in-network pricing or the OON prices. Even if you’re self-funded, the employer itself doesn’t typically have that data. However, its TPA has it, its ASO has it, and so forth. So, if you are self-funded, you are relying on these third parties to compile and post the data. Similarly, if you have a fully insured plan, only the carrier-not the employer-will have this data. Therefore, you’re relying either on your insurance carrier or your TPA or ASO to take care of this. But what the employer has to do, under the rules, is to have a written agreement in place with that third party, through which that third party agrees to be responsible.
That is a requirement whether your plan is fully insured or self-funded. What’s unusual here is that the mandate to have a written agreement is actually written into the regulations – not only for self-funded plans but also for fully insured plans.”
Our main concern is of course employer/plan sponsor liability if they don’t have the written agreements in place. “If you don’t have a written agreement,” affirmed Monahan, “and the carrier fails to perform, then the employer could be liable.”
Note that this requirement is not part of the HIPAA Business Associates Agreement, as BA agreements only include protections related to HIPAA Privacy & Security, and no other requirements. Your standard administrative agreement will need to be amended, or a separate written agreement will need to be entered into.
POSTING MRFS
Recent guidance has clarified some of the questions we had related to who posts the data and links to the post. The MRFs must be posted on a public website but they may be posted by a third-party, such as the issuer or TPA, on behalf of the plan.
Updated guidance states that a distinction is drawn be- tween the employer and the employer’s group health plan. A third party (like an issuer or TPA) may post the data on its public “website for the plan” if there is a written agreement,
but if the employer’s group health plan does not have its own website, the “plan” does not have to create its own website, either to post the files or provide a link. If the “plan” maintains a public website, the plan must post a link to the aggregated “allowable amounts” file posted by the third party. The “employer’s” public website does not have to post the data or a link. This could potentially be different than what some interpreted prior to recent guidance.
Another important point for employers to understand is that it’s ongoing. “By the way,” stated Monahan, “this requirement is not going away. The MRFs have to be updated on a regular basis, and if you get a new carrier in the future, or you enter into a new relationship with a new TPA, this should be part of your discussion process.”
TIC FINAL RULE-ONLINE SELF-SERVICE TOOL FOR SHOPPABLE SERVICES
We’ve been hearing about the online self-service tool for shoppable services for about two years now. What does it require and what is its intent?
“For the first time, most consumers will be able to get real-time and accurate estimates of their cost-sharing liability for healthcare items and services f rom different providers in real time, allowing them to both understand how costs for covered healthcare items and services are determined by their plan, and also shop and compare healthcare cost before receiving care,” said Monahan.
The online self-service tool under the TiC final rule requires plans and issuers, although not grandfathered plans (but see below as the CAA does require similar provisions for grandfathered plans) to make available to participants personalized out-of-pocket cost information, and the underlying negotiated rate, for all covered healthcare items and services, including prescription drugs, through both an Internet-based self-service tool and in paper form upon request. (The CAA also adds a telephone requirement.)
What has to be disclosed is an initial list of 500 “shoppable” items or services, as identified by the departments, that must be available for plan years beginning on or after January ‘, 2023.
A shoppable service is one that can be scheduled in advance and typically is provided in non-urgent situations, thus allowing patients to price-shop and schedule the service when it’s convenient for them, at the most affordable rates. The 500 shoppable services are defined; all entities are re- quired to post the same items and services, for easy comparisons for consumers.
All other items or services must be available for plan years beginning on or after January ‘, 2024.
CAA PRICE-COMPARISON TOOL
The CAA price-comparison tool is “largely duplicative” of the TiC self-service tool, but it also applies to grandfathered plans (grandfathered under the ACA) and includes a requirement to provide the information as required above by the TiC but also a requirement to provide information over the phone. The implementation date of the CAA price-comparison tool was delayed until January ‘, 2023, to be consistent with the TiC self-service tool requirements.
To clarify, grandfathered plans under the ACA are only exempt f rom the MRF posting requirements; they are NOT exempt f rom the price-comparison/TiC online self-service tool. Grandfathered health plans under the ACA are not exempt f rom the online self-service tool requirements.
We highly recommend that employers consider employee and plan participant communications about the price-com- parison/online self-service tool so that they understand that they can start fully shopping their non-emergency services for cost containment.
The CAA price-comparison tool also requires a written agreement with the health plan issuer/carrier. For fully insured plans, you must enter into a written agreement with your issuer. For self-funded plans, you must either comply or outsource this task to a TPA or ASO vendor. If the self-funded employer outsources it (most will need to as they don’t have access to the information required), they should enter into a written agreement and consider adding it to the SPD for plan participant information.
Like the TiC written agreement requirements, the self-funded health plan still remains liable, but should enter into an agreement that ensures that the third party will provide the data and post the requirements and provide appropriate protections for the health plan and employer.
NO SURPRISES ACT
The No Surprises Act is intended to prevent balance-billings in certain circumstances. These provisions are applicable to health plans and health plan issuers (i.e., carriers) for major medical coverage. They do not apply, however, to stand- alone dental or vision plans.
Under the NSA, emergency services must be treated on an in-network basis without prior authorization, regardless of where they are provided. The NSA modified the requirements for emergency services to include a prudent-lay- person standard to determine what is or is not an emergency. The NSA also bans out-of-network cost sharing for non-emergency services at an in-network facility. Under the NSA, non-emergency services require a standard for deter- mining cost-sharing amounts (typically, the lesser of the billed charge and the “qualifying payment amount” or QPA). It’s important to note that, in some circumstances, a patient can consent, with advance notice, to pay an out-of-network rate, subject to the NSA rules.
Similar to the CAA pharmacy reporting disclosures, the NSA requires 2022 plan data to be reported by March 3′, 2023, and 2023 data to be reported by March 3′, 2024. Under the air-ambulance provisions of the CAA, fully insured and self-funded employers will need contracts in place with a carrier or TPA to provide these services. Self-funded plans retain the liability, the same as other provisions of the TiC and CAA discussed in this article.
EMERGENCY MEDICAL CONDITION
The NSA changed the definition of an emergency medical condition to a medical condition manifesting itself by acute symptoms of sufficient severity (including severe pain) such that a prudent layperson who possesses an average knowledge of health and medicine could reasonably expect to: 1) place their health in serious jeopardy, 2) seriously impair bodily functions or 3) cause serious disfunction to a bodily organ or part.
Plans must ultimately determine whether the standard was met by reviewing presenting symptoms without imposing any type of time limit between onset and presentation for emergency care.
Of course, the NSA made changes to requirements for ID cards, with new language requirements, provider directories and more.
Most important, the NSA required a new No Surprises
Act Notice, which incidentally, was modified mid-year 2022. If you used the model notice issued just prior to January ‘, 2022, note that you will need to use the new notice issued this past summer with your next renewal. These notices must be customized for each employer and, if fully insured, you must include any state law provisions on balance-billing that apply in your state (or multiple states). Self-funded plans following ERISA rules need only include the federal information on surprise-billing protections in the notices.
A notice of patient protections was also implemented with the NSA. Providers must notify patients if they intend to charge more than the network rate, and the patient must agree to the additional charges in writing. My personal fear continues to be that providers will bury the authorization with other paperwork that the patient must sign, and the patient will unknowingly give up his or her rights under the NSA.
The surprise-billing rules also require plans or issuers to provide an advance EOB to estimate charges for upcoming services. There are several other provisions included in the No Surprises Act, including the creation of a federal portal for claims disputes, which must be submitted into the independent dispute resolution process.
QUALIFIED PAYMENT AMOUNT
The QPA is the median of the in-network rate in a geographic area. If there is no network, such as in a reference-based pricing plan, it becomes more complicated. In a fully insured plan, the carrier will deal with the QPA and the IOR. In a self-funded plan, the plan sponsor, TPA or ASO vendor will be directly involved.
Under the NSA, if a self-funded health plan and an out-of- network provider cannot agree on a payment rate, they must go through the new independent dispute resolution (IOR) process. The Interim Final Rule states the contracted rates between providers and the network provider for the health plan would be treated as the self-insured plan’s contracted rates for purposes of calculating the QPA.
A median contract rate should be determined by taking into account every group health plan offered by the self-insured plan sponsor. The Interim Final Rule (IFR) allows for ad- ministrative simplicity for self-funded plans to permit the TPA that processes their claims to determine the QPA for the plan sponsor by calculating the median contract rate based on all of the plans that it processes and administers claims for. The IFR states that the contracted rates between providers and the network provider for the health plan would be treated as the self-insured plan’s contracted rates for purposes of calculating the QPA.
INDEPENDENT DISPUTE RESOLUTION PROCESS
If a payer such as a carrier or health plan cannot resolve a payment settlement with a provider, then the payer and provider must resolve the payment dispute using methods of negotiation and arbitration. The No Surprises Act requires payers to send an initial payment or denial of payment of a claim no longer than 30 days after a claim is submitted. After the 30-day period, either party may begin negotiations on a claim. If the parties involved cannot agree on payment terms during the 30-day period, then they will move to an IOR process. This process may be initiated within four days of the 30-day period (for a 34-day window).
Each entity will offer a final payment amount, then the arbiter will use a variety of factors to determine the final amount, including geographic areas, service codes, etc. The intent is to make it fair to both parties. Under the IOR process, they are not allowed to use lower payment rates such as Medicare or Medicaid.
The IOR does not impact the consumer or plan participant. The dispute is between the provider and the health plan. The provider has no recourse against the consumer and, there- fore, it is not an adverse benefit determination. It’s important to note that the IOR uses baseball-style arbitration, meaning that the arbiter must select one offer or the other. There is no splitting the difference. Therefore, it’s important that the parties submitting the dispute into the federal portal must take time and fully understand the process in order to win in an arbitration case within the IOR.
On August 19, 2022, the federal departments released the Final Rule implementing the IOR process under the NSA. In this release, they noted that, effective 60 days after publication in the Federal Register, the following modifications were made in the NSA:
a) eliminates the rebuttable presumption standard
b) increases claims downcoding transparency
c) strengthens arbitration explanation
In the final rules, they released an IORE (certified independent dispute resolution entity, or federal arbiter) Fact Sheet, provided a status update on arbitration claims, and released FAQs related to Surprise Billing and Transparency in Cover- age Rule.
The Federal IOR Portal did not open on January 1, 2022, as expected. It was delayed until April 15, 2022. The departments released an update on the IOR portal with the final rules. It’s important to note that the cases are seriously backlogged due to the delay in opening the portal. In addition, only 12 CI- OREs (arbiters) were approved to date, and two have stopped taking new cases, leaving only 10 companies providing arbitration services in the portal.
Data on the first period’s activity (April 15 to August 11, 2022) includes the following:
a) 46,000 total number of disputes initiated, which was “substantially more than the departments initially estimated would be submitted for a full year”
b) 1,200 cases in which CIOREs have made a payment determination
c) 21,000 non-initiating party challenged eligibility – nearly half of the disputes
d) 7,000 disputes were found ineligible by CIOREs
I want to point out that cases have resulted in approximately 60/40 in favor of providers, where early indications were that health plans had the advantage. Is this perhaps be- cause providers are doing a better job of providing additional information? In my opinion, it would appear so. Providers have been studying the rules and practicing submitting “additional information” that would increase their payment amounts. Health plans appear to have not done such home- work, and those submitting the dispute information, such as third-party administrators, need to learn more about this and take more time before they submit to be sure all of the additional elements are included, which can influence an arbitrator to rule in favor of the health plan more frequently.
FINAL RULE CLARIFICATIONS ON THE IOR PROCESS
Clarifications in the Final Rule include downcoding. By definition, downcoding occurs when a payer alters a service code by changing it to another code or altering, adding or removing a modifier in a way that results in a lower QPA relative to the billed claims. The Final Rule requires payers to disclose to providers if a claim has been downcoded for the purpose of computing the QPA. If so, the payer must:
a) provide a statement that codes or modifiers were down- coded
b) explain why a claim was downcoded, including a description of which codes or modifier were altered, added or removed
c) specify the amount that would have been the QPA had the codes or modifiers not been downcoded
Another clarification in the Final Rule was on the QPA de- termination/payment considerations for non-RBP plans. The Final Rule eliminates the rebuttable presumption standard. In addition, the Final Rule kept the central role for QPA and the standards that allow a CIDRE to choose an offer that “best reflects appropriate out of network payment.” The Final Rule begins with consideration of the QPA, then all other “credible” additional information, and then decides which rate best reflects the appropriate payment amount for the OON service without double counting. Despite the departments’ emphasis on considering the QPA, IDRES now have authority to give equal weight to the provider’s additional information (whether “credible” or not).
Other final rule clarifications are related to federal arbitration decisions. The Final Rule directs the IDRE to include in written decisions information used to determine that the “offer” selected best represented the value of the item or services, including the weight given to the QPA and any credible “additional information.” As part of the Final Rule, they released FAQs for self-insured plan QPA calculation. In the Final Rule, the departments explain how a SF group health plan should calculate a QPA when the plan offers multiple benefit package options that are administered by different TPAs. In addition, for RBP plans with no network, they provided for the applicability of surprise-billing protections. In the final rule, they stated that RBP plans will always be subject to surprise-billing requirements, but only in cases in which emergency care is furnished. NSA protections apply when an enrollee receives covered emergency care or air-ambulance services. In an RBP plan, patients would NOT be protected f rom OON bills for non-emergency care (because there can never be an in-network medical facility if the RBP plan has no network).
Next month: pharmacy requirements.
Sources:
ACA FAQs, Part 49
www.dol.gov/agencies/ebsa/laws-and-regulations/laws/no-surprises-act;
www.cms.gov/nosurprises www.cms.gov/files/document/model-disclosure-notice-patient-protections-against-surprise-billing-providers-facilities-health.pdf
www.cms.gov/nosurprises/policies-and-resources/overview-of- rules-fact-sheets
Dorothy Cociu is the president of Advanced Benefit Consulting in Anaheim, California. Advanced Benefit Consulting & Aditi Croup offer privacy and security training, consultation and implementation system assistance, as well as risk-assessment services on an ongoing basis.
Author‘s Note: I’d like to thank Marilyn Monahan of Monahan Law Office for her assistance with this article and our related seminars and webinars.