Employers that offer certain group benefits to employees are legally required to comply with various state and federal laws. Many areas of compliance impact group health benefits, such as ACA, COBRA, ERISA, HIPAA, and benefits notice compliance; non-compliance could result in costly fines, penalties, and possible employee lawsuits.
Having a comprehensive employee benefits compliance strategy in place can help businesses avoid these consequences and ensure that employees receive the benefits to which they are entitled. This employee benefits compliance checklist can help you get started.
Employee Benefits Compliance Plan Administration
Organizations that offer group benefits have a fiduciary duty to ensure that participants receive the promised benefits and that their rights are not violated. Plan administration may include the following tasks:
- Report benefits plan information to participants and governing agencies as required.
- Maintain proper documentation and records, including plan documents, insurance billings, internal claims, and wellness program materials.
- Review open enrollment practices and review plan alternatives and coverage options. Communicate all plan rights, options, and rates to eligible participants.
- Notify plan providers of employee benefit terminations and have departed workers removed from coverage.
Notifications & Disclosures
Employers that provide health insurance to employees are required to provide applicable notices to eligible participants and beneficiaries once a year. These may include:
- Summary of Benefits and Coverage (SBC)
- Grandfathered plan notices (for organizations with grandfathered plans)
- Patient protection and provider selection notifications
- HIPAA Notice of Privacy Practices
- Initial COBRA notice
- Employee Notice of Exchange
- Special enrollment rights notice
- Medicare Part D Notice
- Women’s Health & Cancer Rights Act Notice
- Wellness program disclosure
HIPAA Policies & Practices Regarding Employee Benefits Compliance
Organizations that handle Protected Health Information (PHI) must comply with HIPAA privacy policies and practices. Tasks may include:
- Designating a HIPAA Privacy Officer.
- Updating and maintaining a HIPAA policy that defines permitted use and disclosure of PHI.
- Take precautions to protect the storage and transmission of data.
COBRA Administration
Applicable employers are required to maintain COBRA procedures and policies or outsource COBRA administration to ensure compliance. This may include the following:
Provide initial COBRA notice to new participants.- Collect COBRA premium payments from participants and pay insurance providers on their behalf.
- Provide COBRA participants with plan information, rights, changes, and cost details.
Summary Plan Descriptions
Employers are tasked with creating a Summary Plan Description (SPD) or SPD wrap document for each group benefit that is being offered to employees. Organizations should also:
- Distribute SPDs to new participants within 90 days of enrolling.
- Distribute updated SPDs to current employees a minimum of every five years.
Flexible Spending Accounts
Organizations that offer Flexible Spending Accounts (FSAs) should perform the following tasks when applicable:
- Create plan documents, including SPDs.
- Ensure proper claim substantiation.
- Handle unused or forfeited FSA funds.
- Adhere to the contribution cap.
- Perform non-discrimination testing.
- Ensure ACA compliance.
- File Form 5500 with the IRS each year.
Health Reimbursement Accounts
Employers that offer Health Reimbursement Accounts (HRAs) must meet certain compliance requirements, including the following:
- Provide employees with a Summary of Benefits & Coverage document.
- Comply with HIPAA, ERISA, COBRA, and ACA regulations for contributing to employee’s IRA-qualified medical costs.
Health Savings Accounts
If applicable, employers who offer Health Savings Accounts (HSAs) to eligible employees must meet the following requirements for compliance:
- Notify employees regarding HSA rules.
- Communicate with employer partners on HSA contribution guidelines.
- Report employer contribution amounts.
ACA Reporting for Employee Benefits Compliance
Applicable Large Employers (ALEs) with 50 or more employees are required to comply with ACA regulations. To comply with these regulations, organizations must:
- Track employee data throughout the year, including employee name, social security number, address, phone number, and similar data.
- Provide eligible employees with Form 1095-C once a year.
- If self-funded, provide F 1095-B to any employee who was full-time for one month during the year.
401(k) Plans
Organizations that offer 401(k) retirement accounts to employees can avoid compliance issues by performing the following tasks:
- Distribute copies of the most up-to-date plan documents.
- Complete Form 5500 each year. Maintain an investment policy statement.
- Communicate participation rights to eligible participants.
- Distribute 401(k) SPD to participants.
- Provide Form 1099-R reporting on pension distributions to the IRS.
- Maintain a list of board of directors members and plan trustees.
Family Medical Leave Act (FMLA)
Employers with 50 or more employees are required to comply with the Family Medical Leave Act, which provides eligible employees with up to 12 weeks of job-protected, unpaid leave each year. To comply with the FMLA, organizations should:
Maintain current FMLA policy and procedures.- Follow guidelines for FMLA eligibility and approval.
- Track FMLA leave and notify participants when the leave has expired.
- Permit up to 12 weeks of leave intermittently or all at once.
Get Help with Employee Benefits Compliance from eBen
Having a trusted partner to assist with employee benefits compliance can help organizations avoid fines and penalties associated with non-compliance. Reach out to the employee benefits experts at eBen to discuss how we can help you.
