Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 118th Congress · H.R. 5378 (Introduced in House) — To promote price transparency in the health care sector, and for other purposes. · Sec. 401

Sec. 401. Increasing Plan Fiduciaries’ Access to Health Data

1,277 words·~6 min read·/bill/118/hr/5378/ih/section-401

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

Paragraph
(2)of section 408(b) of the Employee Retirement Income Security Act of 1974 ( 29 U.S.C. 1108(b) ) is amended by adding at the end the following new subparagraph: No contract or arrangement for services between a group health plan and any other entity, including a health care provider (including a health care facility), network or association of providers, service provider offering access to a network of providers, third-party administrator, or pharmacy benefit manager, is reasonable within the meaning of this paragraph unless such contract or arrangement— allows the responsible plan fiduciary to audit or review all de-identified claims and encounter information or data described in section 724(a)(1)(B) to— ensure that such entity complies with the terms of the plan and any applicable law; and determine the reasonableness of compensation received by such entity; and does not— unreasonably limit the number of audits permitted during a given period of time; limit the number of de-identified claims and encounter information or data that the responsible plan fiduciary may access during an audit; limit the disclosure of pricing terms for value-based payment arrangements or capitated payment arrangements, including— payment calculations and formulas; quality measures; contract terms; payment amounts; measurement periods for all incentives; and other payment methodologies used by an entity, including a health care provider (including a health care facility), network or association of providers, service provider offering access to a network of providers, third-party administrator, or pharmacy benefit manager; limit the disclosure of overpayments and overpayment recovery terms; limit the right of the responsible plan fiduciary to select an auditor; otherwise limit or unduly delay by greater than 60 calendar days after the date of request the responsible plan fiduciary from auditing all de-identified claims and encounter information or data; or permit the entity to charge a fee beyond the reasonable direct costs to provide the required information and otherwise comply and assist with an audit request. Covered service providers shall provide information under this subparagraph in a manner consistent with the privacy, security, and breach notification regulations promulgated under section 13402(a) of the Health Information Technology for Clinical Health Act, and shall restrict the use and disclosure of such information according to such privacy regulations. A responsible plan fiduciary receiving a report under this subparagraph may disclose such information only to the entity from which the report was received, the group health plan for which the report pertains, or to that entity’s business associates as defined in section 160.103 of title 45, Code of Federal Regulations (or successor regulations) or as permitted by the HIPAA Privacy Rule (45 C.F.R. parts 160 and 164, subparts A and E). Nothing in this section shall prevent a group health plan or health insurance issuer offering group health insurance coverage, or a covered service provider, from placing reasonable restrictions on the public disclosure of the information contained in a report described in this subparagraph, except that such plan, issuer, or entity may not restrict disclosure of such report to the Department of Labor. . Subsection
(c)of section 502 of such Act ( 29 U.S.C. 1132 ) is amended by adding at the end the following new paragraph: In the case of an agreement between a group health plan and a health care provider (including a health care facility), network or association of providers, service provider offering access to a network of providers, third-party administrator, or pharmacy benefit manager, that violates the provisions of section 724, the Secretary may assess a civil penalty against such provider, network or association, service provider offering access to a network of providers, third-party administrator, pharmacy benefit manager, or other service provider in the amount of $10,000 for each day during which such violation continues. Such penalty shall be in addition to other penalties as may be prescribed by law. . Paragraph
(6)of section 502(a) of such Act is amended by striking or
(9)and inserting (9), or
(13). Section 410 of such Act is amended by adding at the end the following new subsection: Any provision in an agreement or instrument shall be void as against public policy if such provision— unduly delays or limits a plan fiduciary from accessing the de-identified claims and encounter information or data described in section 724(a)(1)(B); or violates the requirements of section 408(b)(2)(C). . Clause
(i)of section 408(b)(2)(B) of such Act is amended by striking this clause and inserting this paragraph . Section 724(a)(3) of the Employee Retirement Income Security Act ( 29 U.S.C. 1185m(a)(3) ) is amended to read as follows: Subject to subparagraph (C), the plan fiduciary of a group health plan or health insurance issuer offering group health insurance coverage shall annually submit to the Secretary an attestation that such plan or issuer of such coverage is in compliance with the requirements of this subsection. Such attestation shall also include a statement verifying that— the information or data described under subparagraphs
(A)and
(B)of paragraph
(1)is available upon request and provided to the plan fiduciary, the plan administrator, or the issuer in a timely manner; and there are no terms in the agreement under such paragraph
(1)that directly or indirectly restrict or unduly delay a plan fiduciary, the plan administrator, or the issuer from auditing, reviewing, or otherwise accessing such information, except as permitted under section 408(b)(2)(C). Subject to clause (ii), a group health plan or issuer offering group health insurance coverage may not enter into an agreement with a third-party administrator or other service provider to submit the attestation required under subparagraph (A). In the case of a group health plan or issuer offering group health insurance coverage that is unable to obtain the information or data needed to submit the attestation required under subparagraph (A), such plan or issuer may submit a written statement in lieu of such attestation that includes— an explanation of why such plan or issuer was unsuccessful in obtaining such information or data, including whether such plan or issuer was limited or prevented from auditing, reviewing, or otherwise accessing such information or data; a description of the efforts made by the plan fiduciary to remove any gag clause provisions from the agreement under paragraph (1); and a description of any response by the third-party administrator or other service provider with respect to efforts to comply with the attestation requirement under subparagraph (A). . Not later than 1 year after the date of enactment of this Act, the Secretary of Labor shall submit to the Committee on Education and the Workforce of the House of Representatives a report on the status of de-identified claims and encounter information or data described in section 724(a)(1)(B) of the Employee Retirement Income Security Act of 1974 ( 29 U.S.C. 1185m ), including information on the following: Whether changes to regulations or guidance would permit such information or data to be deemed a group health plan asset (as defined under section 3(42) of such Act). Whether restrictions on the ability of a plan fiduciary to access such information or data violates a requirement of current law. The existing regulatory authority of the Secretary to clarify whether such information or data is the property of a group health plan, rather than a service provider. Legislative actions that may be taken to establish that such information or data related to a plan belongs to a group health plan and is handled in the best interests of plan participants and beneficiaries. The amendments made by subsections
(a)and
(b)shall apply with respect to a plan beginning with the first plan year that begins on or after the date that is 1 year after the date of enactment of this Act.
Connectionstraces to 3
Citation graph
cites case law
Sec. 401
Increasing Plan Fiduciaries’ Access to Health Data
U.S.C.§ 1108
U.S.C.§ 1132
U.S.C.§ 1185m
Cites 3Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.