//WebSights Header HTML Script Skip to Main Content
Blog

Joint Agency Guidance on Gag Clause Prohibition for Health Plan Agreement


On February 23, 2023, the Department of Labor (DOL), the Department of Health and Human Services (HHS), and the Internal Revenue Service (IRS) (the “Agencies”) released FAQs addressing the implementation of certain transparency requirements under the Consolidated Appropriations Act of 2021 (CAA).

These joint-issued FAQs address additional compliance guidance on the CAA’s annual attestation, prohibiting group health plans from preventing specific disclosures regarding provider cost or quality-of-care information as well as a gag clause prohibition.

Employers should ensure any contracts with TPAs or other health plan service providers offering access to a network of providers do not violate the CAA’s prohibition of gag clauses. Also, employers with fully insured or self-insured health plans should prepare to provide the compliance attestation by Dec. 31, 2023. If the issuer for a fully insured health plan provides the attestation, the plan does not also need to provide an attestation. Also, employers with self-insured health plans can enter into written agreements with their TPAs to provide the attestation, but the legal responsibility remains with the health plan.

Background

When the CAA was enacted by Congress on December 27, 2020, the law included a provision preventing group health plans and health insurance carriers from entering into health plan services contracts (such as third-party administrator or health care provider contracts) with gag clauses that restrict or prohibit the amount of information shared with plan participants or beneficiaries, but specifically:

  • Any provider-specific costs
  • Any quality-of-care or specific treatment option information
  • Electronic access to de-identified health claims data, including claim-related financial information, service codes, or provider information
  • Sharing any of the above date with the plan’s business associates, as governed by the privacy regulations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Gag Clause Prohibition

This prohibition specifically applies to agreements between group health plans or insurers and providers, third-party administrators (TPAs), or other service providers. Further, the FAQs explained that a gag clause is a “contractual term that directly or indirectly restricts specific data and information that a plan or issuer can make available to another party.”

The FAQs addressed a couple of examples illustrating this gag clause prohibition.

Example #1: If a contract between a TPA and a group health plan states that “the plan will pay providers at rates designated as ‘Point of Service Rates.”

However, the TPA considers those rates to be proprietary and therefore includes contract language stating that the health plan may not disclose the rates to participants or beneficiaries. In this case, this contractual language prohibits the disclosure of certain health plan-related information, making it a prohibited gag clause under the CAA.

Example #2: If a contract between a TPA and a health plan provides that the plan sponsor’s access to provider-specific cost and quality of care information is only available at the TPA’s discretion, that contractual provision would also be considered a prohibited gag clause under the CAA.

The FAQs note that although health plans and health plan vendors must ensure that their contracts do not include these restrictions, they may place reasonable restrictions on public disclosures of information.

Compliance Attestation

The FAQs note that the CAA requires health plans, insurers, and other health plan vendors to attest to their compliance with the gag clause prohibition annually. The FAQs add, however, that the attestation for the period from December 27, 2020 (or, if later, the effective date of the health plan), through the date of attestation, is due no later than December 31, 2023.

Subsequently, attestations are due each December 31.

This attestation requirement applies to any group health plan coverage, whether or not it is governed by ERISA, and any individual health plan coverage.

  • Self-funded health plans may enter into a service provider agreement to submit the attestation, however, any legal requirement to do so remains with the plan itself.
  • If an insurer provides administrative services to self-insured health plans, then that insurer may submit a single attestation covering itself, its self-funded health plans, and any insured health plans it may have. This gives providers and vendors more flexibility when complying with the CAA.
  • Further, whether these plans meet the qualifications for ACA grandfathered or grandmothered plans does not relieve these plans of their attestation duties.
  • However, this attestation requirement does not apply to excepted benefits or account-based plans, such as health reimbursement arrangements (HRAs).

Reporting Violations

Finally, the FAQs state that if an interested party suspects a violation of this gag clause prohibition, then that interested party may: