Health plan vendors sometimes impose contractual restrictions on the disclosure of data that they consider to be confidential or proprietary. A number of new rules aim to foster transparency and require disclosure of pricing and other information that might otherwise be subject to those restrictions. The Consolidated Appropriations Act, 2021 (CAA) prohibits a health plan from entering into certain agreements, particularly those involving a provider network, that impose certain restrictions on the plan’s access and ability to share information about the cost and quality of care.
This is the fifth briefing in Ballard Spahr’s series on the CAA and transparency regulations. It was originally was published in November 2021. Additional briefings can be found here, here, here, and here.
- Plan sponsors should identify and modify contracts entered into on or after December 27, 2020, to eliminate or override inappropriate restrictions.
- Plan sponsors should address restrictions in new contracts and consider restrictions in contracts entered into before these anti-gag rules were enacted.
- Plans will need to submit an attestation as to their compliance with the new requirements beginning in 2022. Guidance on this attestation requirement is expected.
The Bottom Line
In view of this prohibition against gag clauses and the new rules promoting the transparent disclosure of information, health plan sponsors may wish to reassess the confidentiality provisions in their vendor agreements.
Lawyers at Ballard Spahr are working with the new rules and are prepared to assist you with questions that you may have.
Background. Health plan vendors sometimes impose contractual restrictions on the disclosure of data they consider to be confidential or proprietary, but a number of new rules aim to foster an environment of transparency and require disclosure of pricing and other information that might otherwise be subject to those restrictions.
New Rule. The Consolidated Appropriations Act, 2021 (CAA) prohibits a health plan from entering into an agreement with any health care provider, association or network of providers, third-party administrator, or other service provider offering access to a network that directly or indirectly restricts the plan from:
- Providing provider-specific cost or quality of care information to referring providers, the plan sponsor, plan participants, and others eligible to enroll in the plan.
- Upon request, obtaining electronic access to de-identified claim and encounter data for each plan participant, including:
- Claim-related financial information in a provider contract
- Provider information, such as the provider’s name and clinical designation
- Service codes
- Any other data element in claim or encounter transactions
- Sharing such information with a business associate of the plan.
The plan will need to comply with the privacy provisions in HIPAA, GINA, and ADA in applicable circumstances, and reasonable restrictions may be imposed on the public disclosure of this information.
Health plans will be required to attest annually to their compliance with this requirement.
Citation. ERISA section 724; Internal Revenue Code section 9824; and Public Health Services Act section 2799A-9.
Effective Date. December 27, 2020. Attestations to be collected in 2022.
Enforcement. For health plans that are subject to ERISA, the U.S. Department of Labor and plan participants and beneficiaries may enforce compliance with these rules. Plans not subject to ERISA may be subject to enforcement by the U.S. Department of Health and Human Services. HHS shares responsibility for enforcement against insurers with state agencies. In addition, the Internal Revenue Service may impose an excise tax of $100 per day per affected individual under section 4980D of the Code for any failure to comply.
At this time, the federal agencies have announced that they expect to issue guidance only with regard to the required attestations. Otherwise, plans are expected to comply with a good faith, reasonable interpretation of the statutory provisions.
Plan Considerations. The rule prohibits a plan from entering into an agreement that restricts access to and the disclosure of information in a prohibited manner. Its effective date means that it will apply to agreements entered into after the CAA was enacted on December 27, 2020.
The law does not specifically address agreements executed before that date. However, in view of the transparency requirements that are coming, employers may find it sensible to seek compliance with the new requirements from all applicable health plan vendors. The new rule could serve as a basis for contractual terms that provide affirmatively for the greater sharing of information. Guidance on the attestations is expected and may offer insight into the regulators’ view of existing contracts, as well as contract renewals and amendments.
Recommended Steps. Plan sponsors should consider taking the following actions:
- Identifying contracts that include restrictions on access to and the disclosure of provider-specific information (as proprietary, confidential, or otherwise).
- Modifying those contracts entered into on or after December 27, 2020, to eliminate or override those restrictions.
- Addressing those restrictions in new contracts and potentially in contracts that were entered into before these anti-gag rules were enacted.
- Attending to guidance on attestations and submitting timely attestations in 2022.