What Employers Need to Know About Removing Gag Clauses from Health Care Contracts
August 1st, 2023
Before the clock strikes midnight on December 31, 2023, private employers and other public health care purchasers will have been required to attest to their benefit plan contracts being free of gag clauses. There is more than meets the eye to this requirement.
Service agreements with third-party administrators (TPA), pharmacy benefit managers (PBM) and other vendors have long included “gag clauses,” which are contractual restrictions that prevent employers from accessing and sharing their own health care price and quality data. The presence of these gag clauses has restricted the data and information employers need to monitor their vendor partners and assess the value of the health care services they are buying for employees.
Section 201 of the Consolidated Appropriations Act (CAA) made it impermissible for employers to have gag clauses in their service agreements. In this way, the CAA significantly highlighted the need and opportunity for employers to access and use their health care data, which is reflected in the surge of headline-grabbing lawsuits over the past 12 months.
The burden of ensuring contracts are free of gag clauses rests entirely on employers, not their vendors. Access to previously confidential information also binds employers to use that data to drive improvements and make informed decisions for the plan as a core part of their fiduciary obligations.
The Attestation Requirement
In February, the tri-agencies responsible for enforcement issued an FAQ that clarified many uncertainties around the CAA’s gag clause provision. This provided confirmation that:
- The first upcoming December 31, 2023 attestation deadline covers the entire three-year period dating back to the CAA’s passage on December 27, 2020.
- PBM agreements are covered under the purview of the requirements.
- Contract phrases that indirectly function as gag clauses are also impermissible.
- Self-insured employers completely retain the liability of attesting, no matter if a third-party submits it on their behalf.
Four Emerging Obstacles for Employers
Gag clauses have been prevalent in most service provider agreements to date. These contract phrases serve the interests of vendors, such as health plans, PBMs, TPAs and consultants, who benefit from not having to provide employers with strategically important information on health care price and quality. As a result, employers have unsurprisingly found it difficult to comply with their requirement to remove all gag clauses.
Here are four examples of such obstacles:
- Service providers are taking the position that they have removed all gag clauses from their service agreements with little or no context on what has changed.
- Service providers are offering to attest compliance on behalf of their self-insured clients without any accompanying discussion of whether all gag clauses have been removed.
- Service providers are removing gag clauses from their service agreements only to then include them in their confidentiality agreements and/or NDAs.
- Service providers are providing incomplete or partial data to employers, which gives the appearance of cooperation without the substance needed to properly attest.
These challenges complicate the ability of employers and purchasers to attest by the end of this year. Those who have encountered one or more of these obstacles are in an awkward position. They currently have no other option but to consider submitting a false attestation or none at all.
However, a recently introduced House bill called the Health DATA Act provides necessary improvements to the gag clause removal portion of the CAA. Specifically, it would elaborate purchasers’ right to fully access their data, introduce service provider accountability through civil penalties for noncompliance and, perhaps most importantly, let employers submit a reasoned explanation of their circumstances in lieu of attesting.
How Employers Can Take Charge of their Attestations
In the meantime, employers can take several concrete steps to tackle their requirement to strip gag clauses out of their service agreements:
- Gather all service agreements and vendor contracts that concern health care price and quality, including your PBM contract.
- Enlist the help of a trusted, independent third-party that is well-versed in reviewing benefit plan service provider contracts for gag clauses.
- Identify impermissible gag clauses in service contracts (two illustrative examples are set out in departmental guidance).
- Negotiate the removal of gag clauses from all service provider contracts, confidentiality agreements and NDAs.
- Negotiate contract amendments to ensure vendor cooperation in meeting your fiduciary obligations, especially those related to the CAA’s gag clause provisions.
Taking these steps and documenting them appropriately will not only improve employers’ contracts but will go a long way toward demonstrating prudence and good-faith compliance with the CAA’s requirements. Additionally, if vendors still prove uncooperative in removing gag clauses from existing service agreements, these steps will be an important component of employers explaining why they were unable to attest.
Navigating the gag clause removal and attestation process will most likely result in uncomfortable conversations between employers and the vendors they’ve long relied on to provide quality health care benefits to their employees, and will call into question long-standing assumptions about health care data ownership, or lack thereof. Through it all, employers will gain clear line-of-sight into whether their vendors are a help or a hindrance in fulfilling their clarified fiduciary obligations under the CAA.
4 Steps for Large Employers to Meet Fiduciary Duties and Mitigate Legal Risk
May 22nd, 2023
The Consolidated Appropriations Act (CAA) has created both opportunities and risks for employers when it comes to overseeing employee health benefits.
The CAA finally gives employers access to the kinds of cost-benefit data long available with virtually every other business decision. The law equips them to better perform their role as stewards of company and employee finances by assessing the value of the health care services they purchase for employees. Over time, these new insights will likely set in motion an unprecedented shift in the health care market’s balance of power. For that reason, it’s no surprise that vendor compliance with these new pricing, contractual and compensation disclosure mandates has been fragmented, incomplete or non-existent.
Employers must now take steps to develop rigorous fiduciary processes around health care purchasing. Consistently demonstrating good faith efforts to comply with the CAA will lead toward a safe harbor that should mitigate future legal exposure and adverse compliance action. Equally important, employer expectations will compel vendors to either alter their behavior or risk losing important accounts and business.
The challenge employers face should not be underestimated. ERISA makes very clear the liability for CAA compliance ultimately rests with the employer and its designated “plan fiduciary.” This may be an individual plan sponsor (who retains personal fiduciary liability), an internal committee, the board of directors or some combination of these. Although vendors will be instrumental in assisting employers and plan fiduciaries in meeting the CAA’s requirements, employers cannot delegate their fiduciary obligations away and must take steps to engage the CAA head on.
4 Steps Your Organization Can Take to Help Protect Itself from Legal Exposure
There are four steps employers can take today to demonstrate good-faith compliance with the CAA’s fiduciary obligations and mitigate downstream legal exposure and consequences.
1) Develop processes and criteria for evaluating vendor performance. Under ERISA, plan fiduciaries must run their health plan (including pharmacy, vision and dental benefits) solely in the interest of employees and their dependents with the exclusive purpose of providing benefits. They must also avoid conflicts of interest and show the plan pays only reasonable expenses. Because the CAA makes available new sets of transparency information, plan sponsors will find their opportunity and duty to oversee vendors has increased.
Employers must now develop and document a process for monitoring vendor performance for value and alignment with the health plan’s interests. This monitoring process should include regular review of the plan’s vendors to determine whether fees and claims are reasonable. Employers should benchmark their vendors’ compensation against others in the market and should periodically review their current vendors to assess reasonableness and examine the continued suitability of these relationships.
2) Request vendor compensation information. The CAA requires health plan fiduciaries to request details on the direct and indirect compensation their insurance brokers, consultants, pharmacy benefit managers and third-party administrators expect to receive. These compensation disclosures should include a detailed explanation of the services provided and direct and indirect compensation, including bonuses, referral fees, rebates and commissions, as well as the source of that compensation.
If you can’t understand a compensation disclosure document, push until the specifics are clear. Beware of ambiguous phrases like “we may or may not receive compensation.” Ensure the disclosure is signed not just by a representative of the firm, but also by someone in senior management who is able to authoritatively attest to its accuracy.
If the vendor refuses to provide the information or fails to do so within 90 days, employers are required to notify the Department of Labor and terminate the contract. Similarly, if the compensation is excessive or “unreasonable” or if it implies conflicts of interest, the vendor relationship would become a “prohibited transaction” under ERISA that the employer could not lawfully continue.
3) Work with legal counsel to ensure all gag clauses are removed from your service provider contracts. The CAA explicitly bans the presence of “gag clauses” in health plan service provider contracts, which are contractual terms that would restrict an employer’s access or ability to share health care cost and quality data. Prior to the CAA, these were extremely commonplace. Now, contracts entered into after December 27, 2020 cannot legally contain them.
Earlier this year, CMS announced employers will need to submit on December 31, 2023 their first attestation of having removed all gag clauses in their contracts. Moving forward, employers will need to attest annually.
Employers need to take great care in ensuring, with expert legal counsel, that they are compliant with this requirement. More importantly, they should view the CAA’s prohibition on gag clauses as an opportunity to access their full, de-identified claims data, including allowed amounts. Many employers have struggled to receive full information before and had to make health care purchasing decisions in the dark. The CAA has provided the light employers need to access and analyze their data.
4) Request plan-level prescription drug data collection (RxDC) data from your pharmacy benefit manager (PBM). The CAA mandates yearly submission of information on prescription drugs and health care spending, known as RxDC reporting. Often, this data is gathered and submitted in large part by a plan’s third-party administrator and PBM without the employer ever seeing the information.
However, RxDC data, originating from PBMs, contains potentially valuable information for an employer. Specifically, it includes novel information on the financial impact of rebates, fees and other drug manufacturer payments on the health plan and its impact on premiums and employee out-of-pocket costs.
Employers should request their plan-level RxDC data. If your PBM declines to provide it to you, document that you attempted to obtain it. If they do provide it, enlist the help of an independent, third-party pharmacy consultant to analyze the rebate information for new insights on how it affects your plan’s premiums and your employees’ out-of-pocket expenses.
What’s Next for Employers
As the post-CAA health care environment solidifies, new third-party intermediaries will undoubtedly emerge to provide employers with new tools, actionable insight and comparative cost and compensation data around the full spectrum of health care services, from hospitals to consultants to PBMs.
In the meantime, organizations must move forward as effectively as they can in uncovering baseline cost and compensation data. Ultimately, every step toward scrutinizing and defining value in the organization’s health plan is an exercise in fiduciary prudence and sound judgment that ensures organizational resources are used in the most effective way possible.
This content is educational in nature and should not be taken as legal advice. Consult with your legal counsel before making any decisions for your health plan, especially those related to CAA compliance.
A CFO’s Guide to Health Plan Fiduciary Leadership
January 17th, 2023
Recent passage and implementation of the Consolidated Appropriations Act (CAA) of 2021 creates new risks and opportunities for employers who self-insure their health benefit plans under the Employee Retirement Income Security Act of 1974 (ERISA).
What Employers Need to Know
The CAA mandates employer access to new and critically important insights into the prices they’re paying for employee health care services – details they have been unable to previously obtain from vendors to whom they pay millions of dollars each year to negotiate on their behalf. Finally, employers can evaluate the cost and quality of services they are purchasing from providers and other vendors and make informed procurement decisions. In fact, the law requires employers to demonstrate that the health care services they buy for their employees are cost-effective, high-quality and meet mental health parity and pharmacy benefit requirements.
This means that employers must take steps to establish oversight procedures and processes to document their efforts to comply with the CAA as fiduciaries, similar to the governance practices employers have already established for their 401(k) and retirement plans.
Implementing an effective health plan oversight and audit framework, with documented procurement processes, can substantially reduce corporate exposure for companies and individual directors, officers and employees. Many employers currently lack adequate controls in their existing service agreements, have historically tolerated unreasonably high fees and costs and often rely upon financially conflicted intermediaries for advice.
The CFO’s Role
It is because of these systemic barriers to compliance that CFO leadership is particularly needed to guide corrective action. Compliance may very likely require companies to adopt new business practices, amend existing health benefit contracts and ensure insurance policies for Directors and Officers cover claims involving employee health plans.
The heightened fiduciary risk of being a health plan manager is occurring at a time of increasing health plan expenses, economic pressures, workforce recruitment and retention challenges and a seemingly insatiable employee demand for immediate, personalized solutions that foster overall well-being. CFOs who embrace a health plan fiduciary framework to mitigate litigation risk may find that compliance opens new opportunities to reduce wasteful health care spending, improve predictability and enable better support for the health and wellbeing of their employees and families.
An Opportunity to Address Workforce Health Challenges
The same health plan data that can help CFOs mitigate fiduciary risk can also unlock opportunities for human resource and benefit leaders to better address workforce health challenges and manage delegated services and vendors. Fiduciary leadership that is aligned across finance, human resources and benefit teams can catalyze a transformation of employee health benefits from a liability to a valuable, strategic asset.
Click here for our guide to establishing a strategic fiduciary framework to enhance the value of employee health benefits.