Académique Documents
Professionnel Documents
Culture Documents
Page 1 of 11
The Federal Trade Commission Act of 1914 established the Federal Trade
Commission (FTC) and gave it power to work with the Department of Justice to
enforce the Clayton Act. The primary function of the FTC is to prevent unfair
competition and deceptive business practices, which are presented broadly in the
Act. As a result the FTC also pursues violators of the Sherman Antitrust Act.
Antitrust laws also exist at the state level.
Antitrust Violations
Health plans and healthcare providers may be found in violation of antitrust laws if they
engage in any of the following activities:
Price-fixing involves the agreement by two or more independent entities on the
prices that they will charge or pay for services. For example, independent
providers generally may not collectively establish the fees that each will charge a
health plan. A price-fixing violation need not involve a strict agreement on
pricesfor instance, it could entail agreement on terms of trade or price levels.
A horizontal group boycott occurs when two competitors agree not to do
business with another competitor or purchaser. For example, two independent
hospitals generally may not agree to refuse to contract with a health plan until the
health plan ceases contract negotiations with another hospital.
Tying arrangements occur when an organization conditions the sale or
purchase of one product or service on the sale or purchase of other products or
services. For example, a specialty provider group contracting with a health plan
for oncology services generally may be prohibited from requiring the health plan
to contract with the group for other services as a condition for receiving the
groups oncology services.
Horizontal allocation or division of markets occurs when two or more
organizations agree not to compete by dividing geographic marketing areas,
product offerings, or customers. For example, two independent companies
generally may not split purchasers into two groups and each agree to market
their products to only one group.
Provider contracting is an area in which antitrust issues sometimes arise. Generally
speaking, contracting with a select network of providers does not raise antitrust issues
(although some states have limited this through any willing provider laws mentioned in
Module 13). However, some contract terms, such as exclusive contracts may, raise
antitrust issues, depending on the specific facts and circumstances of the market.
Financial Services Legislation
In 1999 Congress enacted the Financial Services Modernization Act, referred to as
the Gramm-Leach-Bliley (GLB) Act, which allows convergence among the traditionally
separate components of the financial services industrybanks, securities firms, and
insurance companies. Because health plans finance the delivery of healthcare services,
they are also considered part of the financial services industry.
Page 2 of 11
In broad terms the GLB Act stipulates how the financial services industry may be
structured and how it is regulated and supervised. The GLB Act also establishes the
rights of customers in regard to the protection of the privacy of personal financial
information.
All financial institutions must disclose their privacy policies regarding the sharing
of nonpublic personal information with both affiliates and third parties. Such
disclosure must take place at the time of establishing a customer relationship and
not less than annually as long as the relationship continues.
They must notify customers of any sharing of nonpublic personal information with
nonaffiliated third parties.
They must provide customers with an opportunity to opt-out of sharing nonpublic
personal information subject to certain limited exceptions.2
Although the GLB Act does not specifically target healthcare organizations, it may have
consequences for these organizations. For example, the GLB Act called on regulators in
the states to enact laws governing specific financial services entities, and the National
Association of Insurance Commissioners (NAIC) responded by proposing a Privacy of
Consumer Financial and Health Information Model Regulation to govern the activities of
healthcare organizations and insurers. State regulations based on the NAIC Model
Regulation (discussed in the next module) affect the way healthcare organizations,
insurers, and other users share protected health information.
Page 3 of 11
One of the most significant features of ERISA is its preemption provision, stipulating
that ERISA generally takes precedence over any state laws that regulate employee
welfare benefit plans. However, the preemption provision leaves to the states the
authority to regulate insurance, banking, and securities. Consequently, state insurance
laws (such as those relating to policy provisions, group size, group eligibility, and
mandated benefits) apply to health insurance coverage provided to an employee benefit
plan but do not apply directly to the plan. This is true regardless of whether the plan is
fully funded (fully insured) or self-funded (self-insured). (Recall that in a self-funded plan
the employer, rather than a health plan or insurance company, is financially responsible
for paying claims and related expenses.)
Example: Alpine Corporation is self-fundedthat is, it provides health benefits to its
employees itself, with no insurance company involvement. Alpines health plan is
subject to ERISA but not to state laws and regulations governing insurance. On the
other hand, Piedmont, Inc. is fully insured; its employee health plan is provided by
Delta Insurance Company. Piedmonts involvement in its plan is subject to ERISA,
and in addition Deltas involvement in the plan is subject to state insurance laws and
regulations.
The preemption provision encourages employers to create employee benefit plans by
providing a uniform system of regulation and oversight. Furthermore, under ERISA selffunded plans are exempt from state taxes on insurers premium revenues.
ERISAs preemption provision also has important implications for health plans,
especially in cases in which an employee raises questions about a plans decision not to
authorize benefit payment based on medical necessity or appropriateness. Under
ERISA, persons who receive healthcare benefits through employee benefit plans must
file legal challenges involving coverage decisions or plan administration at the federal
level, and ERISA is generally the governing law for such cases.
For health plans the major advantage of having cases tried at the federal rather than the
state level is that, unlike most state laws, ERISA limits damage awards in lawsuits to the
cost of the medical services or treatment. It does not allow plan members to receive
additional compensatory damages or punitive damages. For example, suppose a plan
member files a lawsuit against a health plan in federal court on the grounds that the
health plans decision to deny payment of benefits on the basis of a lack of medical
necessity was improper. If the court determines that benefits were improperly denied,
the plan member can recover the denied benefits. The plan member cannot receive
monetary awards in compensation for her pain and suffering or awards designed to
deter health plans from making inappropriate coverage decisions in the future.
A number of court cases have challenged health plans ability to invoke the ERISA
preemption, and proposals have been made to eliminate the preemption or to allow plan
members to sue health plans in state court and receive additional compensatory and
punitive damages. However, in June 2004 the U.S. Supreme Court issued a decision in
the consolidated case of Aetna Health Inc. v. Davila and CIGNA HealthCare of Texas,
Inc. v. Calad. The Courts decision unanimously upheld the ERISA preemption, affirming
that Congress intended ERISAs framework to be the exclusive means of challenging
coverage decisions and that individuals cannot challenge such decision in state courts.
Consolidated Omnibus Budget Reconciliation Act of 1986 (COBRA)
Page 4 of 11
Page 5 of 11
Who Must
Comply
Protected Class
Effect on Healthcare
Employers with 20
or more
employees
Employees age 40
and older
All employees
Discrimination based on
race, color, religion, sex,
or national origin is
prohibited. Employers
must ensure that health
plan provisions are not
discriminatory.
Pregnancy
Discrimination Act
(amendment to
Civil Rights Act)
Employers with 15
or more
employees and
engaged in
interstate
commerce
All employees
Employer-sponsored
group health plans must
provide coverage for
pregnancy, childbirth,
and related conditions
on the same basis as for
other medical
conditions.
Family and
Medical Leave Act
(FMLA)
Employers with 50
or more
employees
Employees who
are ill, need to care
for a seriously ill
family member, or
have a new child
(including adopted)
Employees must be
allowed to take up to 12
weeks of unpaid leave
during any 12-month
period. Employers must
continue to make group
health benefits available
Age
Discrimination in
Employment Act
(ADEA)
Page 6 of 11
Page 7 of 11
Page 8 of 11
As required by HIPAA, HHS has developed regulations that standardize the form and
content of electronic healthcare transactions. Transactions subject to these standards
include: healthcare claims or encounter data, health plan eligibility inquiries and
responses, provider referrals and authorizations, claims status inquiries and responses,
health plan enrollment and disenrollment requests, claim payment and remittance,
health plan premium payment, coordination of benefits information, and healthcare
claims attachments.
HHS has identified existing industry format standards and code sets, such as the ICD-9CM diagnosis codes and CPT-4 procedure codes, that must be used when conducting
electronic healthcare transactions. HHS has also created a new system in which all
healthcare providers apply for a National Provider Identifier (NPI) to be used for
electronic transactions, replacing the various provider identifiers used by different health
plans.
Privacy and Security Standards
HIPAA requires HHS to develop standards to ensure the privacy and security of health
information. These standards control the use and disclosure of health information by
health plans, healthcare providers, and healthcare clearinghouses, and they provide
individuals with certain rights with respect to their information. The privacy standards
include the following rules:
Healthcare providers must generally obtain an individuals written consent to use
protected health information. Health plans, healthcare providers, and
clearinghouses may use or disclose healthcare information for their own
treatment, payment, or operations without obtaining the individuals consent.
The transmission of individually identifiable health information for purposes other
than medical treatment, payment, or healthcare operations without the patients
written authorization is generally prohibited.
Patients are allowed to access their medical records and request amendment of
incorrect or incomplete medical information.
Patients are allowed to request that restrictions be placed on the accessibility
and use of protected health information.
Healthcare providers, healthcare clearinghouses, and health plans must institute
privacy and security policies and procedures and workforce training programs.
Healthcare providers, health plans, and healthcare clearinghouses must institute
privacy protections in contracts with any business that uses health information on
their behalf.
HIPAA security standards are designed to prevent unintended access to protected
health information and mandate features entities must include in their operations to
ensure that such information is secure. These features include administrative
procedures and physical devices and mechanisms to protect data integrity and
confidentiality. The security standards are scalablethat is, the procedures and
mechanisms used by a particular entity may vary depending on the size, structure,
Page 9 of 11
security needs, and business requirements of the entity. The HIPAA Privacy Rule
requires covered entities to:
ensure the confidentiality, integrity, and availability of all electronic protected
health information (EPHI) that the covered entity creates, receives, maintains, or
transmits;
protect against any reasonably anticipated threats or hazards to the security or
integrity of such information;
protect against any reasonably anticipated uses or disclosures of such
information that are not permitted or required by the Privacy Rule; and
ensure compliance by its workforce and any business that contracts with the
covered entity.
Conclusion
There are many federal laws that have a significant impact on health plans, and we have
looked briefly at some of the most important:
Under antitrust laws, health plans must not engage in activities that restrain a
free, competitive marketplace, such as price-fixing and market allocation.
Under financial services legislation, plans must protect the privacy of consumers
financial information.
ERISA governs employer-sponsored health plans, establishing participant rights,
investment standards, and disclosure requirements. ERISA also exempts
employer plans (but not insurers) from state regulation.
COBRA gives employees and dependents certain rights to continue employersponsored health coverage for a time after they lose eligibility.
The HMO Act of 1973 sets standards for HMOs that choose to be federally
qualified.
Under various laws, employers may not discriminate among employees based on
race, age, gender, and similar factors in regard to health coverage.
HIPAA contains many provisions designed to increase the availability and
continuity of healthcare coverage, protect health information, and facilitate data
exchange.
Notes
1
Adapted from Sharon B. Allen, Dennis W. Goodwin, and Jennifer W. Herrod, Life and Health
nd
Insurance Marketing, 2 Ed., LOMA, 1998. Used with permission, all rights reserved.
Page 10 of 11
Adapted from Harriett. E. Jones and Dani L. Long, Principles of Insurance: Life, Health, and
nd
Annuities, 2 Ed., LOMA, 1999. Used with permission, all rights reserved.
Page 11 of 11