Sec. 8. Oversight of administrative service providers
2,729 words·~12 min read·
/bill/119/hr/5582/ih/section-8A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
Subpart B of part 7 of subtitle B of the Employee Retirement Income Security Act of 1974 ( 29 U.S.C. 1021 et seq. ) is amended by adding at the end the following: For plan years beginning on or after the date that is 2 years after the date of enactment of this section, no agreement between a group health plan (as defined in section 733(a)), the plan sponsor of such plan (as defined in section 3(16)(B)), the plan administrator of such plan (as defined in section 3(16)(A)), or a business associate of such plan (as defined in section 160.103 of title 45, Code of Federal Regulations), (or health insurance issuer offering group health insurance coverage in connection with such a plan), and a health care provider, network or association of providers, third-party administrator, service provider offering access to a network of providers, pharmacy benefit managers, or any other third party (each referred to as a health plan service provider ) is permissible if such agreement limits (or delays beyond the applicable reporting period described in subsection (b)(1)) the disclosure of information to group health plans in such a manner that prevents such plan, issuer, or entity from providing the information described in subsection (b).
With respect to plan years beginning on or after the date that is 2 years after the date of enactment of this section, not less frequently than quarterly, a health plan service provider shall provide to the group health plan or health insurance issuer the following information at no cost to the group health plan or health insurance issuer: The information described in section 724(a)(1)(B). Any contractual and subcontractual calculation methodologies, pricing or fee schedules, or other formulae used to determine reimbursement amounts to providers and subcontractors, including methodologies, schedules, fee structures, and any applied adjustments or modifiers, with such information provided in a manner sufficiently detailed to enable the group health plan or health insurance issuer to accurately assess, verify, and ensure compliance with the terms of any contractual and subcontractual agreement governing the reimbursement amounts.
The total amount received or expected to be received by the health plan service provider or its subcontractors in provider or supplier rebates, fees, alternative discounts, and all other remuneration including amounts held in escrow or variance accounts that has been paid or is to be paid for claims incurred and administrative services including data sales or network payments. The total amount paid or expected to be paid by the health plan service provider or to subcontractors in rebates, fees, contractual arrangements, and all other remuneration that has been paid or is expected to be paid for administrative and other services.
All payment data and reconciliation information related to alternative compensation arrangements including accountable care organizations, value-based programs, shared savings programs, incentive compensation, bundled payments, capitation arrangements, performance payments, and any other reimbursement or payment models, where the group health plan or health insurance issuer paid fees, incurred obligations, or made payments in connection with the group health plan related to such arrangements.
Health plan service providers shall provide the information or data under paragraph
(1)consistent with the privacy, security, and breach notification regulations at parts 160 and 164 of title 45, Code of Federal Regulations, promulgated under subtitle F of the Health Insurance Portability and Accountability Act of 1996, subtitle D of the Health Information Technology for Clinical Health Act of 2009, and section 1180 of the Social Security Act, and shall restrict the use and disclosure of such information according to such privacy, security, and breach notification regulations. An entity that receives a disclosure from a party in interest pursuant to subparagraph
(B)or
(C)shall comply with the privacy and security regulations promulgated under HIPAA. A group health plan shall comply with section 164.504(f) of title 45, Code of Federal Regulations (or a successor regulation), and a plan sponsor shall act in accordance with the terms of the agreement described in such section. Nothing in this section shall be construed to modify the requirements for the creation, receipt, maintenance, or transmission of protected health information under the HIPAA privacy regulations (45 C.F.R. parts 160 and 164, subparts A and E). A group health plan receiving information under paragraph
(1)may disclose such information only— to the entity from which the information was received or to that entity’s business associates or to the group health plan's business associates as defined in section 160.103 of title 45, Code of Federal Regulations (or successor regulations); or as permitted by the HIPAA Privacy Rule (45 C.F.R. parts 160 and 164, subparts A and E). To the extent the information required by this subsection is made available to the health insurance issuer offering group health insurance in connection with a group health plan, the health insurance issuer shall make such information available, at the same time, in the same format, and at no cost, to the group health plan. The obligation to provide information pursuant to this subsection shall exist notwithstanding the presence of any formal data-sharing agreement between the parties. Failure to provide the required information as specified shall constitute a violation of this Act and the Secretary shall initiate enforcement action under section 502 within 90 days of becoming aware of a violation of this section, except that nothing in this section shall be construed to limit the Secretary's existing authority under the Act. All data and information provided pursuant to this subsection shall comply with the following standards: All claims from a healthcare provider shall be made to the group health plan in accordance with transactions standards adopted under HIPAA, as follows: Institutional, professional, and dental claims and adjustments to these claims shall be in ASC X12N 837 format, as transmitted by the provider, or, in the case of paper claims, converted to the ASC X12N 837 electronic format. Prescription drug claims shall be in the National Council for Prescription Drug Programs (NCPDP) format, as transmitted by the provider, or in the case of paper claims, converted to the NCPDP electronic format. Such data shall be provided at no cost to the group health plan. All claim payment (or EFT, electronic funds transfer) and electronic remittance advice
(ERA)information sent by a health plan service provider shall be provided to the group health plan or health insurance issuer in the ASC X12N 835 format in accordance with transaction standards adopted under HIPAA, unmodified from the form in which it was transmitted to the healthcare provider. Such information shall be provided at no cost to the group health plan or health insurance issuer. The Secretary may modify the standards set forth in this paragraph as necessary to align with any changes adopted by the Secretary of Health and Human Services pursuant to the authority provided under section 1173 of the Social Security Act ( 42 U.S.C. 1320d–2 ). Any provision in an agreement between a group health plan, the plan sponsor, the plan administrator, or a business associate of such plan or a health insurance issuer and a health plan service provider that unduly delays or limits a group health plan’s or health insurance issuer’s access to information described in this section or that restricts the format or timing of the provision of such information in a manner that is inconsistent with the requirements of this section shall be prohibited and, if a group health plan or health insurance issuer enters into such agreement, shall be deemed void as against public policy. Any failure by a health plan service provider to comply with the requirements of this section shall result in the imposition of a civil penalty of $100,000 for each day the violation continues, in addition to any other penalties prescribed by law. The Secretary shall implement this section through notice and comment rulemaking in accordance with section 553 of title 5, United States Code. . Section 502(a) of the Employee Retirement Income Security Act of 1974 ( 29 U.S.C. 1132(a) ) is amended by adding at the end the following new paragraph: The Secretary may assess a civil penalty against any person of $100,000 per day for each violation by any person of section 726. . Paragraph
(6)of section 502(a) of the Employee Retirement Income Security Act of 1974 ( 29 U.S.C. 1132(a) ) is amended by striking or
(9)and inserting it with the phrase (9), (13), or
(14). Part D of title XXVII of the Public Health Service Act ( 42 U.S.C. 300gg–111 et seq. ) is amended by adding at the end the following: For plan years beginning on or after the date that is 1 year after the date of enactment of this section, no agreement between a group health plan that is a self-funded, non-Federal governmental plan, as defined in section 2791(d)(8)(C) ( 42 U.S.C. 300gg–91(d)(8)(C) ), and a health care provider, network or association of providers, third-party administrator, service provider offering access to a network of providers, pharmacy benefit managers, or any other third party (each referred to in this section as a health plan service provider ) is permissible if such agreement limits (or delays beyond the applicable reporting period described in subsection (b)(1)) the disclosure of information to group health plans in such a manner that prevents such plan, issuer, or entity from providing the information described in subsection (b). With respect to plan years beginning on or after the date that is 1 year after the date of enactment of this section, not less frequently than quarterly, a health plan service provider shall provide to the group health plan that is a self-funded, non-Federal governmental plan the following information at no cost to the plan: The information described in section 2799A–9(a)(1)(B) ( 42 U.S.C. 300gg–119(a)(1)(B) ). Any contractual and subcontractual calculation methodologies, pricing or fee schedules, or other formulae used to determine reimbursement amounts to providers and subcontractors, including methodologies, schedules, fee structures, and any applied adjustments or modifiers, with such information provided in a manner sufficiently detailed to enable the group health plan to accurately assess, verify, and ensure compliance with the terms of any contractual and subcontractual agreement governing the reimbursement amounts. The total amount received or expected to be received by the health plan service provider or its subcontractors in provider or supplier rebates, fees, alternative discounts, and all other remuneration including amounts held in escrow or variance accounts that has been paid or is to be paid for claims incurred and administrative services including data sales or network payments. The total amount paid or expected to be paid by the health plan service provider or to subcontractors in rebates, fees, contractual arrangements, and all other remuneration that has been paid or is expected to be paid for administrative and other services. All payment data and reconciliation information related to alternative compensation arrangements including accountable care organizations, value-based programs, shared savings programs, incentive compensation, bundled payments, capitation arrangements, performance payments, and any other reimbursement or payment models, where the group health plan paid fees, incurred obligations, or made payments in connection with the group health plan related to such arrangements. Health plan service providers shall provide the information or data under paragraph
(1)consistent with the privacy, security, and breach notification regulations at parts 160 and 164 of title 45, Code of Federal Regulations, promulgated under subtitle F of the Health Insurance Portability and Accountability Act of 1996, subtitle D of the Health Information Technology for Clinical Health Act of 2009, and section 1180 of the Social Security Act, and shall restrict the use and disclosure of such information according to such privacy, security, and breach notification regulations. An entity that receives a disclosure from a party in interest pursuant to subparagraph
(B)or
(C)shall comply with the privacy and security regulations promulgated under HIPAA. A group health plan that is a self-funded, non-Federal governmental plan shall comply with section 164.504(f) of title 45, Code of Federal Regulations (or a successor regulation), and a plan sponsor shall act in accordance with the terms of the agreement described in such section. Nothing in this section shall be construed to modify the requirements for the creation, receipt, maintenance, or transmission of protected health information under the HIPAA privacy regulations (45 C.F.R. parts 160 and 164, subparts A and E). A group health plan that is a self-funded, non-Federal governmental plan receiving information under paragraph
(1)may disclose such information only— to the entity from which the information was received or to that entity’s business associates as defined in section 160.103 of title 45, Code of Federal Regulations (or successor regulations); or as permitted by the HIPAA Privacy Rule (45 C.F.R. parts 160 and 164, subparts A and E). Nothing in this section shall be construed to prevent a group health plan that is a self-funded, non-Federal governmental plan, or a health plan service provider providing services with respect to such a plan, from placing reasonable restrictions on the public disclosure of the information described in paragraph (1), except that such plan or entity may not restrict disclosure of such information to the Department of Health and Human Services, the Department of Labor, the Department of the Treasury, or the Comptroller General of the United States. The obligation to provide information pursuant to this subsection shall exist notwithstanding the presence of any formal data-sharing agreement between the parties. Failure to provide the required information as specified shall constitute a violation of this Act and the Secretary shall initiate enforcement action under section 2723(b) ( 42 U.S.C. 300gg–22(b) ) within 90 days of becoming aware of a violation of this section, except that nothing in this section shall be construed to limit the Secretary’s existing authority under this Act. All data and information provided pursuant to this subsection shall comply with the following standards: All claims from a healthcare provider shall be made to the group health plan in accordance with standards adopted under HIPAA at section 162.1101 of title 45, Code of Federal Regulations, as follows: Institutional, professional, and dental claims and adjustments to these claims shall be provided to the group health plan that is a self-funded, non-Federal governmental plan in the ASC X12N 837 format. Prescription drug claims shall be in the National Council for Prescription Drug Programs (NCPDP) format. The files shall be unmodified copies of the files sent from the provider. In the event that paper claims are sent by the provider, they shall be converted to the appropriate standard electronic format. Such data shall be provided at no cost to the group health plan. All claim payment (or EFT, electronic funds transfer) and electronic remittance advice
(ERA)information sent by a health plan service provider shall be provided to the group health plan or health insurance issuer in the ASC X12N 835 format, in accordance with standards adopted under HIPAA at section 162.1602 of title 45, Code of Federal Regulations, unmodified from the form in which it was transmitted to the healthcare provider. Such information shall be provided at no cost to the group health plan. The Secretary may modify the standards set forth in this paragraph as necessary to align with any changes adopted by the Secretary pursuant to the authority provided under section 1173 of the Social Security Act ( 42 U.S.C. 1320d–2 ). Any provision in an agreement that unduly delays or limits a group health plan that is a self-funded, non-Federal governmental plan’s access to information described in this section or that restricts the format or timing of the provision of such information in a manner that is inconsistent with the requirements of this section shall be prohibited and, if a self-funded, non-Federal governmental plan enters into such agreement, shall be deemed void as against public policy. The Secretary shall implement this section through notice and comment rulemaking in accordance with section 553 of title 5, United States Code. . Section 2723(b) of the Public Health Service Act ( 42 U.S.C. 300gg–22(b) ) is amended by adding at the end the following: Notwithstanding any provisions to the contrary, the Secretary may assess a penalty against a health plan service provider, as defined in section 2799A–11(a) ( 42 U.S.C. 300gg–121(a) ), of $100,000 per day for each violation of such section, pursuant to substantially similar processes and procedures as those set forth in section 2723(b)(2)(D) through
(G)( 42 U.S.C. 300gg–121(b)(2)(D) through (G)). .
Connectionstraces to 2
Traces to 2 documents
7 references not yet in our index
- 42 USC 1320d–2
- 42 USC 300gg–111
- 42 USC 300gg–91(d)(8)(C)
- 42 USC 300gg–119(a)(1)(B)
- 42 USC 300gg–22(b)
- 42 USC 300gg–121(a)
- 42 USC 300gg–121(b)(2)(D)
Citation graph
cites case law
Sec. 8
Oversight of administrative service providers
Cite42 USC 1320d–2
Cite42 USC 300gg–111
Cite42 USC 300gg–91(d)(8)(C)
Cite42 USC 300gg–119(a)(1)(B)
Cite42 USC 300gg–22(b)
Cites 9 · showing 7Cited by 0 across 0 sources