The Departments of Labor, Health and Human Services, and Treasury (collectively, the Departments) have published FAQs About Affordable Care Act And Consolidated Appropriations Act, 2021 Implementation Part 57 (FAQ 57) regarding implementation of the prohibition against the use of gag clauses in contracts in provider agreements with health plans and health insurers. The FAQs are available here.
The Consolidated Appropriations Act of 2021 (the CAA) prohibits group health plans and health insurers from entering into an agreement with a health care provider, network or association of providers, third-party administrator (TPA), or other service provider offering access to a network of providers that would directly or indirectly restrict a plan or insurer from:
- disclosing provider-specific cost or quality of care information to referring providers, the plan sponsor, and persons covered or eligible to be covered under a group health plan.
- electronically accessing de-identified claims and encounter information or data for each person covered under the plan upon request and consistent with applicable privacy regulations.
- sharing the information disclosed or accessed with a business associate.
Plans and issuers are required to file with the Departments an annual attestation of their compliance with the prohibition against gag clauses.
The Departments had previously stated that they viewed the prohibitions against gag clauses as self-implementing and that they did not intend to issue regulations. Rather, plans and issuers are expected to implement the gag clause provisions using a good faith, reasonable interpretation of the CAA. They did say, however, that they would issue guidance regarding the attestation requirements.
FAQ 57 does not offer much substantive guidance beyond the language of the statute. See our material here for more information. It does provide two examples of provisions that would violate the CAA:
- a contract between a TPA and a group health plan that states that the plan will pay providers at rates designated as “Point of Service Rates,” but the TPA considers those rates to be proprietary and therefore includes language in the contract stating that the plan may not disclose the rates to participants or beneficiaries.
- a contract between a TPA and a plan that provides that the plan sponsor’s access to provider-specific cost and quality of care information is only at the discretion of the TPA.
It also explains that a contract provision that functions as a gag clause is prohibited even if it doesn’t explicitly prevent access to information as required by the CAA.
It does indicate, however, that a network may place reasonable restrictions on public disclosure of the information.
Attestations must be submitted by fully-insured and self-insured group health plans, including ERISA plans, non-Federal governmental plans; and church plans. However, attestation will not be required of plans that only provide excepted benefits, or HRAs and other account-based plans.
A self-insured plan can contract with a third party (such as a TPA) to submit an attestation of compliance on its behalf; however, the plan will remain liable if third party fails to make the required submission.
A fully insured plan will be deemed to have met the attestation requirements if its insurer submits the attestation on behalf of the plan.
The first attestation of compliance must be filed no later than December 31, 2023, and cover the period from December 27, 2020 through the date of the attestation. Subsequent attestations, covering the period since the last preceding attestation, are due by December 31 of each year thereafter.
Attestations must be filed electronically by visiting https://hios.cms.gov/HIOS-GCPCA-UI.
Instructions and a system user manual for submitting attestations can be found here.