How the Consolidated Appropriations Act (CAA) and ERISA Fiduciary Requirements Are an Anchor for Self-insured Employers to Navigate the Complexity of Healthcare
This episode’s conversation is about the new Consolidated Appropriations Act (CAA), the fee disclosure part of it, as well as ERISA and the fiduciary responsibility that self-insured employers are responsible to comply with under the law. Don’t worry, the first thing my guest in this healthcare podcast, Christin Deacon, does is explain these terms, what they actually mean, and how they can be a tool actually in CEOs’ or CFOs’ toolboxes to get access to the employer’s own claims data, which is a linchpin here that we’ll talk about in a sec.
But suffice to say here that the ERISA fiduciary responsibility has a few provisions and, in general, self-insured employer health plan administrators kind of tend to off-load worrying about these provisions to their brokers and consultants. The problem with this is that brokers and consultants do not bear the ERISA fiduciary responsibility. They do not bear the responsibility of complying with the CAA either. The employer does.
You’d think that, given this, more self-insured employers would dig in hard to do their own due diligence to check whether or not their plan is compliant. But they don’t. I asked Parker Edman from Leavitt Partners why, and he said he thought that it’s likely a combination of the “old boy’s network” and a fear of the massive lift that switching up plan designs or even looking at this might entail.
But here’s another facet: There’s a contingent of plan advisors and carriers who have a very vested interest in self-insured employers not knowing what’s going on with their spend. And they actually even have a magic trick that they have developed to beat back inquiries.
In this magic trick, HIPAA is the abracadabra. Let me give you an example role-play.
Self-insured employer: I need my claims data.
Carrier: HIPAA.
Self-insured employer: Nooo, not the HIPAA. I stand down. Forget I mentioned it.
Here’s a pro tip: Actually read HIPAA. Pull it up on your computer. It’s easy to find. Spoiler alert: You know what you’ll discover? Ninety percent of it is a love note to the carriers themselves that govern the data they must possess and the structure of that data.
Ten percent of it is about the privacy of that data, and in that 10%, it specifies clearly that a self-insured employer is a covered entity and, therefore, falls under the umbrella of who can have access to claims data, especially if it is de-identified.
Of course, said employer has obligations as to how to treat that data, but yeah, just don’t be fooled by the HIPAA when it’s wielded like sorcery. The only reason that word has any power is because so many C-suites let it have power.
Also now, there’s some provisions in the Consolidated Appropriations Act, the CAA (which was passed in 2020), which really ups the ante here. My guest, Christin Deacon, explains all of this and more, including what’s up with the CAA, which is good because I could barely remember the name of it throughout the course of this interview.
Christin Deacon is a healthcare leader and public-sector entrepreneur. She is a former deputy attorney general, a “recovering attorney” as she calls herself. Earlier this year, 2021, she left her role running the state health and school health benefits plan for about 800,000 New Jersey public employees. Now, she’s just transitioned to the private sector where she serves as an executive VP at 4C Health Solutions.
Comments