For many small and medium-sized businesses (SMBs) with limited budgets, it can be tempting to try to save money on benefits spend self-administering your employees’ health benefits. While this may seem more cost-effective, any mistakes you make that put your plan out of compliance can cost you and your organization thousands of dollars in fines.
If you offer or plan to offer a health reimbursement arrangement (HRA), investing in a compliant HRA software solution is a great way to avoid potential pitfalls. With HRA software, you can ensure your benefit follows the guidelines set forth by the IRS and other regulations so you can focus on running your business.
To better understand how SMBs can benefit from HRA software, we’ll go over six easy-to-miss areas of compliance that this type of administrative tool monitors to ensure your HRA follows all the necessary regulations.
Since its inception in 2010, the Affordable Care Act (ACA) has helped to expand Medicaid services, created Health Insurance Marketplaces, enabled individuals with pre-existing conditions to enroll in health coverage, and required qualified health plans to cover ten essential health benefits.
But you may not know that the ACA also created specific requirements for employers offering an HRA and other employer-sponsored health plans. To comply with the ACA, an HRA must meet health insurance market reforms1.
Here are some ACA regulations that apply to HRAs in some instances:
HRAs must also follow the HIPAA Privacy Rule. To administer a reimbursement health plan, the entity processing the claims receives protected health information (PHI), which HIPAA protects.
HRA reimbursement claim documentation may contain several protected PHI like Social Security numbers, medical record numbers, biometric identifiers, full-face photos, and geographic data.
If you’re offering a health benefit like an HRA, your plan administrator must keep your employees’ PHI safe so it’s not shared or viewed by those not authorized to see it. Employers that don’t comply or negligently release employees' PHI can face fines ranging from $100 to $50,000 per individual violation2, depending on the level of seriousness.
The federal government considers HRAs group health plans (except for a QSEHRA), so they’re subject to regulations outlined by the Consolidated Omnibus Budget Reconciliation Act (COBRA). Under COBRA, employees who experience a qualifying event are eligible for continuation coverage under the employer’s plan.
COBRA applies to all U.S. employers with 20 or more FTEs. But, many states require employers with fewer than 20 employees to offer continued coverage to employees—this is known as mini-COBRA3.
Circumstances that allow employees to get continued coverage under COBRA include:
Circumstances that allow dependents and spouses of a covered employee to get continued coverage include:
If you offer an ICHRA or a group coverage HRA (GCHRA), you must give your former employees and their dependents the option to continue to participate in the HRA.
An employer that fails to extend COBRA coverage to participants can face hefty fines—up to $110 per day for failure to provide an initial notice or election notice4 and potentially the medical costs the qualified beneficiary incurred when they didn’t have coverage.
Another compliance area HRA plan administrators must follow is the Medicare Secondary Payer (MSP) provisions. This legislation makes Medicare the secondary health insurance payer to certain primary plans. Proper reporting on how Medicare and primary plans interact ensures Medicare doesn’t overpay for services that the primary insurer is responsible for paying.
These reporting requirements apply to all group health plans, so if you have any employees enrolled in Medicare who participate in your HRA, you must provide coverage information to the Centers for Medicare and Medicaid Services (CMS) per the MSP requirements.
Organizations with fewer than 20 employees and employers that offer an annual HRA allowance of less than $5,000 per employee are exempt from MSP requirements.
The detailed report you send CMS will allow better coordination of payer responsibilities between the employees’ HRA and Medicare plans. Failure to comply could result in fines of up to $1,000 daily5.
Next, the Employee Retirement Income Security Act of 1974 (ERISA) requires employers to establish and maintain their HRA plan with a “written instrument” known as a summary plan document (SPD).
An SPD is a summary of your benefit plan that outlines the benefit’s details and requirements. It defines specific details like eligible expenses for reimbursement, employer contribution limits, allowance amounts, whether HRA funds may roll over from year to year, how to file a reimbursement claim, and other essential information.
If this is your first time offering an HRA, you must give your employees an SPD within 120 days of establishing the plan. Newly eligible participants in an existing HRA must receive their SPD within 90 days of their plan’s first date of coverage.
Not only could you face adverse action for failing to have a plan document, but it would also be difficult for you to prove plan terms and enforce its provisions. Not to mention, your employees won’t be able to get the most out of their HRA if they don’t understand all the plan details.
Finally, the U.S. federal government has specific regulations that employers must comply with to reimburse employees for individual health insurance plan premiums compliantly without violating ERISA.
For example, an arrangement where an employer reimburses an employee for some or all of their individual health insurance premiums is an employer payment plan (EPP). While EPPs used to be popular before the ACA, they don’t comply with current ACA market reforms.
If you offer an EPP, you could face a penalty of $100 per day per affected employee (or $36,500 per year per employee)6.
You can legally reimburse your employees for their individual health plan premiums with a QSEHRA or ICHRA under the ACA and ERISA. Additionally, a GCHRA integrates with traditional group health insurance as another way employers can cover their employees’ out-of-pocket medical expenses.
By now, it may be easy to see how self-administrating your HRA could be challenging. In addition to being time-consuming, you may need help with compliance requirements or find yourself in financial jeopardy if you make a mistake.
If you’re interested in employee benefit administration software, consider PeopleKeep. Our HRA software gives employers an all-in-one benefits platform for their HRA plan needs.
PeopleKeep makes HRA compliance easy for you by:
We also work with a third-party insurance concierge service partner to help your employees purchase the best health plan for them.
Additionally, our award-winning support team helps you and your employees use the benefit. Most importantly, our software will help you stay compliant by keeping your benefit updated with all current rules and regulations.
HRAs are a flexible health benefit option for employers of all sizes. But that doesn’t mean they're free from compliance regulations. From following the ACA’s requirements to drafting ERISA-compliant plan documents, administering an HRA can feel daunting—but it doesn’t have to be!
With an HRA administration tool like PeopleKeep, you’ll only need a few minutes every month to manage your employees' health benefits compliantly, so you can save time and not fall subject to costly ACA penalties.
This article was originally published on June 5, 2016. It was last updated on November 17, 2023.