Each year, the federal government updates regulations regarding health insurance and other benefits that small and mid-sized employers must offer to employees. The government’s definition of a small employer is any business with 50 employees or less.
Axcet HR Solutions, an employee benefits company in Kansas City, is a professional employer organization (PEO) for small and mid-sized companies. We understand how challenging it can be for smaller businesses to keep up with compliance legislation, especially after all the changes over the last year due to the pandemic.
Axcet offers this employee benefits compliance checklist for small employers to help businesses in the Kansas City area understand their obligations to avoid fines and other sanctions that result from non-compliance. Assistance with compliance is one of several services we offer related to human resources.
Axcet Paying Subsidized COBRA Premiums for Duration of America Rescue Plan Act
On April 1, 2021, Congress implemented the America Rescue Plan Act (ARPA) that has a significant impact on employers that reduced employee hours or eliminated positions. From April 1 to a maximum end date of September 30, 2021, Congress requires employers to pay the full COBRA premium for employees who became ineligible for health insurance due to employment changes. The reduction in hours or involuntary separation need not be related to COVID-19 for ARPA to apply.
The federal government will credit employers for every dollar they contribute towards employee COBRA premiums when they pay quarterly payroll taxes. Employer obligation to pay for COBRA coverage extends to employee dependents who were on a company-sponsored health insurance plan before the employee lost eligibility.
Employers have no obligation to pay premiums for employees who separated voluntarily or who are eligible under another health plan. Obtaining coverage through a spouse’s employer or becoming eligible for Medicare are two common examples.
Employees eligible for this benefit under ARPA are subject to an 18-month lookback period. An employee or former employee’s six-month subsidy may end prior to September 30, 2021, if the maximum period of coverage occurs before then.
Employer Notice Requirements
Employers have until May 31, 2021, to update COBRA election notices describing the six-month subsidy available to terminated employees and those who had their hours reduced. Axcet manages all notice requirements according to legal guidelines. We send the following letters to employees based on their COBRA status:
- Inform current COBRA participants that they do not need to make premium payments for the six-month subsidy period.
- Inform those not currently on COBRA but still within their maximum coverage period of their eligibility for the six-month subsidy.
We also send a notice to all affected employees and former employees when the subsidy period ends.
If an employee makes a COBRA premium payment during the subsidy period, Axcet will refund it as soon as possible on the employer’s behalf. Should employers pay more towards COBRA premiums than they owe in payroll tax, they become eligible for a refundable credit.
Changes to HIPAA in 2020 and 2021 Due to the COVID-19 Pandemic
Although the pandemic did not cause permanent changes to patient privacy laws under HIPAA, employers, medical providers, and insurers had greater flexibility regarding its interpretation than they ever had in the past. HIPAA regulations state that the Breach Notification Rule, Privacy Rule, and Security Rule do not change in emergency situations like a public disease outbreak. However, it does state that compliance enforcement can ease to match the specifics of the emergency.
The Office of Civil Rights (OCR) of the United States Health and Human Services Department maintains responsibility for enforcing and modifying HIPAA. The office implemented flexibility in the following four areas due to the pandemic:
Good Faith Telehealth Remote Communications During the COVID-19 Nationwide Public Health Emergency: To enable more people to complete routine medical appointments from home, the OCR waived potential penalties to medical providers for providing telehealth services using common and available technology. Platforms previously considered non-HIPAA compliant such as Zoom or FaceTime have been acceptable to use since March 17, 2020.
Good Faith Uses and Disclosures of Protected Health Information by Business Associates for Public Health and Health Oversight Activities: As of April 2, 2020, the OCR will not impose penalties and will exercise discretion with enforcement for business associates of entities mandated to follow HIPAA. The provision relates to disclosure of private health information (PHI) for public health oversight purposes.
Normally, the OCR prohibits these disclosures and uses unless a written business associate agreement exists that permits such disclosures. Although applicable parties will not face fines or other sanctions, they must notify the covered entity within 10 days of the disclosure until further notice.
Participation in the Operation of Community-Based Testing Sites During the COVID-19 Nationwide Public Health Emergency: Effective April 9, 2020, the OCR announced it would relax enforcement for non-compliance with HIPAA regarding the good-faith operation of COVID-19 testing sites. This applies to all covered entities and their business associates at walk-up, drive-up or mobile testing sites.
Enforcement discretion applies to all activities involved with collecting specimens for COVID-19 testing. Although it has relaxed penalties, the OCR still encourages all parties involved with testing to use reasonable safeguards to protect participant PHI.
Notice of Enforcement Discretion Regarding Online or Web-Based Scheduling Applications for Scheduling of COVID-19 Vaccination Appointments: The OCR announced this policy on January 21, 2021, to coincide with the first rollout of COVID-19 vaccines. HIPAA penalties and sanctions will not apply to entities bound by HIPAA or their business associates related to the good faith use of web-based or online applications to schedule COVID-19 vaccines.
The relaxed standard applies to environments not normally considered HIPAA-compliant because no business associate agreement was in place. The OCR encourages affected parties to implement protocols such as encryption of data to ensure PHI remains protected.
Axcet HR Solutions Available to Assist Small Employers with Compliance and More
From remaining in compliance with federal and state regulations to workplace safety issues to dealing with employee benefits and payroll, small businesses have a lot of responsibility but not always the resources to meet them. As a PEO serving small and mid-sized businesses in the Kansas City area, Axcet acts as a co-employer to provide outsourced administrative support. We invite anyone interested in learning more about partnering with Axcet to request a consultation here.