Question: What is the action item for employers with respect to the new Transparency in Coverage (TiC) rules requiring health plans to disclose certain in-network, out-of-network, and prescription drug pricing information?

Short Answer: The TiC rules require the group health plan to post links to the machine-readable files containing the TiC pricing information on a publicly available website. Employers sponsoring fully insured medical plan options can rely on the insurance carrier to satisfy this requirement. However, pending further guidance, employers sponsoring a self-insured medical plan option must confront difficult choices to determine the most appropriate course of action to comply.

General Rule: Transparency in Coverage Machine-Readable Files

In late 2020, the Departments of Labor, Health and Human Services, and the Treasury (Departments) issued final Transparency in Coverage (TiC) rules under the ACA.

The TiC rules require non-grandfathered health plans to provide public pricing disclosures via three separate sets of machine-readable files posted on a public website:

In-Network File: Negotiated rates for covered items and services between the plan and in-network providers.

Original Effective Date: First plan year beginning on or after January 1, 2022

Delayed Effective Date: July 1, 2022

Note: Plans with a non-calendar plan year beginning after July 1, 2022 are subject to the rule as of the first day of the 2022 plan year, consistent with the original effective date.

Out-of-Network File: Historical allowed amounts and billed charges for covered items and services provided by out-of-network providers.

Original Effective Date: First plan year beginning on or after January 1, 2022

Delayed Effective Date: July 1, 2022

Note: Plans with a non-calendar plan year beginning after July 1, 2022 are subject to the rule as of the first day of the 2022 plan year, consistent with the original effective date.

Prescription Drugs File: Negotiated rates and historical net prices for covered prescription drugs.

Original Effective Date: First plan year beginning on or after January 1, 2022

Delayed Effective Date: Delayed indefinitely, pending further rulemaking and determination of whether the requirement is still needed in light of additional disclosures added by CAA 2021.

“Machine-readable file” is defined by the TiC rules to mean “a digital representation of data or information in a file that can be imported or read by a computer system for further processing without human intervention, while ensuring no semantic meaning is lost.” A computer system must be able to read the data in a non-proprietary, open format such as JSON, XML, and CSV.

Disclosure Requirements: Files Posted on Publicly Available Website

The TiC rules provide that a “group health plan or health insurance issuer must make available on an internet website” the required three machine-readable files described above.

Note: The Departments have indefinitely delayed the prescription drug component of the machine-readable files’ disclosure. The No Surprises Act component of CAA 2021 (enacted after the TiC rules were issued) contains potentially duplicative and overlapping reporting requirements for prescription drugs. The Departments intend to issue a new set of rules addressing whether the prescription drug machine-readable file requirement remains appropriate. In the meantime, there will be only two sets of machine-readable files posted (the in-network rates and the out of network allowed amounts and billed charges).

The group health plan or insurance carrier must update the machine-readable files monthly and clearly indicate the date the files were most recently updated.

Furthermore, the TiC rules provide that these “machine-readable files must be publicly available and accessible to any person free of charge and without conditions, such as establishment of a user account, password, or other credentials, or submission of personally identifiable information to access the file.” In other words, these files must be made available on a public website that anyone can access without any restrictions.

These rules apply directly to the insurance carrier for employers sponsoring fully insured medical plan options. However, the employer is responsible for satisfying this machine-readable files’ disclosure obligation for any self-insured medical plan options.

Public Website Posting: Practical Issues and Concerns for Employers Sponsoring a Self-Insured Plan

Employers with a self-insured medical plan face three main challenges with respect to the public website posting requirement:

Challenge #1: Ensuring TPA Will Create and Update Machine-Readable Files

No employer is reasonably going to be able to compile and update the information needed to satisfy the content requirements for these machine-readable files. Employers will need to ensure the TPA for the self-insured plan will create and maintain these files as part of their standard administrative services arrangement.

Fortunately, the TiC rules specifically recognize this issue and permit the group health plan to enter into an arrangement by agreement for the TPA to create and maintain these machine-readable files.

Challenge #2: Hosting the Large Files

These machine-readable files will in some cases contain an immense amount of data, which can lead to very large file sizes. Early reports are that file sizes may exceed a terabyte for some plans.

Employers may not have the website hosting capability to post such large files on a website maintained by the employer. Therefore, employers will look to the TPA to host these files and provide links that can be posted by the employer where appropriate for how the public can access that information.

Challenge #3: Where to Link to the Machine-Readable Files

In the only realistic scenario, the TPA will be creating, maintaining, and hosting the machine-readable files that satisfy the TiC rules. However, that still leaves the open question: Where do employers post the links to those files? The TiC rules require the disclosure be made by the group health plan, which is a different entity from the TPA.

The TiC rules provide that “if a plan or issuer chooses not to also host the file separately on its own website, it must provide a link on its own public website to the location where the file is made publicly available.”

In the best-case scenario, the employer maintains a publicly available website for the group health plan and can easily add the links to these machine-readable files to the list of other disclosures (e.g., SPD, SMM, SBCs, policies, certificates, EOCs, legal notices) already contained on the website. Employers in this situation should easily be able to satisfy the disclosure requirement by July 1.

In many cases the employer will have a non-publicly available website for the group health plan. For example, many group health plan sites maintained by employers require employees to first login with their credentials. In that case, the group health plan website will not satisfy the public disclosure component of the TiC rules.

It’s also very common for employers not to maintain any group health plan-related website. For example, many employers simply post group health plan material on a benefits administration system or company intranet site, and still others have no electronic means of disclosure for the group health plan.

In situations where the employer does not maintain a publicly available group health plan website, the options are as follows:

TPA-Created Group Health Plan Microsite: Some TPAs have offered to create a publicly available group health plan website on the employer’s behalf. These sites are commonly referred to as a “microsite.” However, TPAs are in some cases conditioning the availability of these microsites on situations where the employer has no publicly available website—even if that publicly available website is unrelated to the group health plan. Given that virtually all employers have some form of a public, customer-facing website, the microsite approach will be very limited in availability where TPAs impose this form of restriction.

Non-Publicly Available Group Health Plan Website: Employers facing this predicament may feel they have no practical option available other than to post the links to the machine-readable files on their non-publicly available group health plan website, or on their non-publicly available employer intranet or benefits administration system where they typically post employee benefits-related materials. Although this will not meet the “publicly available” standard in the TiC rules, there may be no other viable option for employers unwilling to create (or make publicly available) a website for the group health plan.

Create Publicly Available Group Health Plan Website: Employers may determine the only viable path is simply to create a publicly available group health plan website. That may be a site created in its entirety for this TiC disclosure purpose, or it may be accomplished by unlocking and making fully public any existing restricted group health plan website. Nothing in the TiC rules or other guidance states that an employer is required to take this more dramatic step, but absent additional guidance employers may feel this is the only path available to comply.

Employer’s Public-Facing Primary Customer Website: The least attractive option of those being discussed to address this issue is placing links to the machine-readable files on the employer’s corporate public-facing website for customers. The TiC rules are clear that the “group health plan” is to make the machine-readable files publicly available, and under ERISA the group health plan is a separate legal entity from the employer. Furthermore, virtually all corporate websites have no section related to the group health plan where it would be appropriate to include these links. While it is true that these corporate sites are in almost all cases publicly available, their detachment from any connection to the group health plan makes this approach dubious from both a compliance and suitability standpoint.

Employers will need further guidance from the Departments to better understand how to properly address this “missing link” component of the TiC rules.

Reminder: CAA Also Includes Significant Health Plan Price and Transparency Provisions

The Consolidated Appropriations Act, 2021 (“CAA 2021”) made more sweeping changes to employee benefits than CAA 2022. Although CAA 2021 may not have been intended as a health bill, it has proven to be the most significant health care reform effect since the ACA.

The most prominent of the CAA 2021 provisions for health plans is the No Surprises Act, which prevents surprise emergency, non-emergency, and air ambulance bills, as well as providing for temporary continuity of care rights for certain patients who lose access to network providers.

Also included in CAA 2021 are provisions requiring (with staggered effective dates) the mental health parity comparative analysis, medical ID cost-sharing information, machine-readable rates, annual reporting on pharmacy benefits and drug costs, and price transparency, disclosure, and comparison tools.

For full details, see:

Newfront Office Hours Webinar: 2021 Year in Review

The CAA Patient Protection Provisions Under the No Surprises Act

The CAA Mental Health Parity Comparative Analysis Requirement

Summary

With July 1 right around the corner, employers are beginning to grapple with some of the practical concerns surrounding the public disclosure of the TiC pricing information. The machine-readable files need to be made available and updated regularly on a publicly available website to avoid potential penalties of $100/day/participant.

Employers sponsoring fully insured plan can simply rely on the insurance carrier to satisfy this disclosure requirement. However, the situation is more complex for employers sponsoring self-insured major medical plan options.

The good news is that it appears that all of the major TPAs will create, maintain, update, and host the machine-readable files on their own publicly available websites. The bad news is that the TPA website does not appear to solve for the requirement that the group health plan—which is a separate entity from the TPA that is providing administrative services for the plan—post links to those files on a publicly available website. Pending further guidance, it remains unclear how employers are supposed to satisfy this disclosure requirement if they do not maintain a publicly available website for the group health plan.

Relevant Cites

29 CFR §2590.715-2715A3(b):

(b)  Requirements for public disclosure of in-network provider rates for covered items and services, out-of-network allowed amounts and billed charges for covered items and services, and negotiated rates and historical net prices for covered prescription drugs. A group health plan or health insurance issuer must make available on an internet website the information required under paragraph (b)(1) of this section in three machine-readable files, in accordance with the method and format requirements described in paragraph (b)(2) of this section, and that are updated as required under paragraph (b)(3) of this section.

…

(2)  Required method and format for disclosing information to the public. The machine-readable files described in this paragraph (b) must be available in a form and manner as specified in guidance issued by the Department of the Treasury, the Department of Labor, and the Department of Health and Human Services. The machine-readable files must be publicly available and accessible to any person free of charge and without conditions, such as establishment of a user account, password, or other credentials, or submission of personally identifiable information to access the file.

…

(ii) Other contractual arrangements. A group health plan or health insurance issuer may satisfy the requirements under this paragraph (b) by entering into a written agreement under which another party (such as a third-party administrator or health care claims clearinghouse) will provide the information required by this paragraph (b) in compliance with this section.

…

Additionally, nothing in this section prevents the Allowed Amount File from being hosted on a third-party website or prevents a plan administrator or issuer from contracting with a third party to post the file. However, if a plan or issuer chooses not to also host the file separately on its own website, it must provide a link on its own public website to the location where the file is made publicly available.

Departments ACA and CAA FAQs, Part 49:

The Departments recognize the number of CAA provisions plans and issuers are required to implement by January 1, 2022 and the considerable time and effort required to make the machine-readable files available in the form and manner required in the TiC Final Rules at the same time. Therefore, with respect to plan or policy years beginning on or after January 1, 2022, as an exercise of enforcement discretion, the Departments will defer enforcement of the requirement to make public the machine-readable files for in-network rates and out-of-network allowed amounts and billed charges, until July 1, 2022.

On July 1, 2022, the Departments intend to begin enforcing the requirement that plans and issuers publicly disclose information related to in-network rates and out-of-network allowed amounts and billed charges for plan years (in the individual market, policy years) beginning on or after January 1, 2022. For 2022 plan years and policy years beginning subsequent to July 1, 2022, plans and issuers should thus post the machine-readable files in the month in which the plan year (in the individual market, policy year) begins, consistent with the applicability provision of the TiC Final Rules. HHS encourages states that are primary enforcers of this requirement with regard to issuers to take a similar enforcement approach and will not determine that a state is failing to substantially enforce this requirement if it takes such an approach.

ERISA §502:

(d) Status of employee benefit plan as entity.
(1) An employee benefit plan may sue or be sued under this title as an entity. Service of summons, subpoena, or other legal process of a court upon a trustee or an administrator of an employee benefit plan in his capacity as such shall constitute service upon the employee benefit plan. In a case where a plan has not designated in the summary plan description of the plan an individual as agent for the service of legal process, service upon the Secretary shall constitute such service. The Secretary, not later than 15 days after receipt of service under the preceding sentence, shall notify the administrator or any trustee of the plan of receipt of such service.

(2) Any money judgment under this title against an employee benefit plan shall be enforceable only against the plan as an entity and shall not be enforceable against any other person unless liability against such person is established in his individual capacity under this title.