Health Care Reform: The Employer Mandate and Reporting Requirements

Many employers remain confused about health care reform, and how their business will be impacted. One of the most important parts of the law is the employer’s “shared responsibility” role, in which employers are required to provide affordable health insurance coverage to their staff. However, “this pay-or-play” mandate has been postponed, providing employers more time to understand and comply with the law.

Reporting Requirements

Employers and other reporting entities will be provided additional time to provide input and feedback on ways to simplify information reporting, while remaining consistent with the law. Known as “transition relief”, it is intended to provide employers, insurers, and other providers of minimum essential coverage time to adapt their health coverage and reporting systems.

In anticipation of the application of the provisions in 2015, however, the IRS encourages employers to voluntarily comply for 2014 with these information-reporting provisions (once the information reporting rules have been issued) and to maintain or expand health coverage to all full-time employees in 2014.

Employer Mandate (employers defined as “large” by the ACA)

No “Employer Shared Responsibility” penalties will be assessed for 2014 (the piece of the law requiring employers to provide all employees with affordable coverage). Large employers who do not offer coverage or who offer coverage that does not meet the ACA’s definition of affordable will not be penalized in 2014. However, these employers need to be ready to comply for 2015.

Individual Mandate

The individual requirement, which is effective January, 1, 2014, has not been delayed. Under the individual requirement, U.S. citizens and legal residents are required to carry health insurance or pay a penalty tax. It is expected that the set-up and operation of the new insurance marketplace, called “The Exchange,” will continue in each state.

Premium Credits through the Exchange

The delay does not affect the availability of premium credits for individuals eligible for federal subsidies. Individuals will continue to be eligible for the premium tax credit by enrolling in a qualified health plan through the Affordable Insurance Exchanges (also called Health Insurance Marketplaces), if:

a) Their household income is within a specified range; and,

b) They are not eligible for other minimum essential coverage, including an eligible employer-sponsored plan that is affordable and provides minimum value.

Benefits eligibility for full-time employees/Hours Tracking

The ACA defines a full-time employee, for the purpose of benefits eligibility, to be one working an average of 30+ hours per week. Due to the delay of the employer mandate, employers will not be required to comply with this definition in 2014. There is no need for employers to track hours in 2013 to determine eligibility for 2014, or to decide on a measurement, administrative, and stability period.

Maximum waiting period

The delay does not affect the maximum waiting period rules effective January 1, 2014. The ACA requires that an employer must not have a waiting period that is longer than 90 days. Note that some states, such as California, may have more stringent laws.

Although the two items being delayed are significant, we recommend that employers continue their diligence with understanding and preparing for the implementation of Health Care Reform provisions in 2014, through 2020.

Hawaii Law Briefing – Hawaii Security Breach Law and Identity Theft Notification

Identity theft is one of the fastest growing crimes committed throughout the United States. Criminals who steal personal information use the information to open credit card accounts, write bad checks, buy cars, and commit other financial crimes with other people’s identities.

Hawaii has the sixth worst record of identity theft in the nation, according to a 2007 report.

I. Hawaii’s Security Breach Law

Identity theft in Hawaii has resulted in significant losses to both businesses and consumers. This epidemic motivated the Hawaii legislature in 2006 to pass several bills whose purpose is to provide increased protection to Hawaii residents from identity theft:

Act 135: Requires businesses and government agencies that keep confidential information about consumers to notify those consumers if that information has been compromised by an unauthorized disclosure;

Act 136: Requires reasonable measures to protect against unauthorized access to personal information to be taken when disposing of records;

Act 137: Restricts businesses and government agencies from disclosing/requiring social security numbers to/from the public;

Act 138: Permits consumer who has been the victim of identity theft to place a security freeze on their credit report;

Act 139: Intentional or knowing possession without authorization of confidential personal information is a class C felony.

Together, the bills signed into law by Governor Linda Lingle as HRS Chapter 487R impose obligations on businesses in Hawaii to notify residents whenever their personal information maintained by the business has been compromised by unauthorized disclosure.

HRS Chapter 487R does not cover financial institutions subject to the Federal Interagency Guidance on Response Programs for Unauthorized Access to Consumer Information and Customer Notice, or Health plans and providers subject to HIPAA.

The underlying policy behind HRS Chapter 487R is that prompt notification will help potential victims to act against identity theft by initiating steps to monitor their credit reputation. Thus, it is critical that any business subject to HRS Chapter 487R audit the manner in which confidential personal information is maintained and have a security breach team prepared to comply with the notice obligations and effectively deal with any breach of personal information.

II. Security Breach

HRS 487R imposes obligations on the part of Hawaii businesses to notify an individual whenever the individual’s personal information that is maintained by the business has been compromised by unauthorized disclosure and to do so in a timely manner.

Under the statute, “Personal Information” consists of an individual’s first name or first initial AND last name in combination with any one or more of the following data elements, when either the name OR the data elements are not encrypted: Social Security Number, driver’s license or Hawaii Identification Number; or an account number, credit or debit card number, or password that would permit access to an individual’s financial account.

The personal information is protected if on a “record.” A “record” is any material on which written, drawn, spoken, visual, or electromagnetic information is recorded or preserved, regardless of physical form or characteristics. Thus, a “record” can be in digital form or on a paper document, which differs significantly from other states that might cover only digital information.

The notice obligations are triggered when a “security breach” occurs. A “security breach” is defined as an incident of unauthorized access to AND acquisition of unencrypted or unredacted records of data containing personal information, where illegal use of the personal information has occurred, OR is reasonably likely to occur; AND that creates a risk of harm to a person. As the definition indicates many times it is difficult to determine whether information has been “acquired” or to the extent that a “risk of harm” exists.

Several states, including Alabama, Connecticut, Delaware, and Florida have devised a risk of harm exception. Such exception generally relieves the business from the notice obligation requirement after consultation with law enforcement. Since Hawaii law has no such exception most incidents of unencrypted/unredacted theft or loss of records containing personal information should carry the presumption that illegal use is likely to occur and a risk of harm. In addition, even if a statutory obligation does not arise other legal obligations may exist with respect to the theft or loss.

III. Notification Obligations

To the extent a security breach has occurred, and personal information has been compromised, the business must satisfy the notification obligations imposed by HRS Chapter 487R. Form notices are made part of this article for educational purposes only. The notice obligations must be satisfied without “unreasonable delay.” The only exception would be if a law enforcement agency informs the business in writing that notification may impede a criminal investigation or jeopardize national security. Once it has been determined that the notice will no longer impede the investigation, the notice must be promptly provided.

Under HRS Chapter 487R, the business must notify the resident (and the Office of Consumer Protection/credit reporting agencies where notice has been provided to 1,000 persons).
The notice must be given to the last available address. The notice may be sent to the resident’s email address only if the person has “opted in” to receive notices in that manner. Direct telephonic notice may be given under the statute, but generally is not the recommended way to notify the resident given the potential legal risk with such form of communication.

Under the statute, “substitute notice” may be provided where the costs to provide if the business can demonstrate that the cost of providing notice would exceed $100,000 or that the affected class of subject persons to be notified exceeds two hundred thousand, or if the business does not have sufficient contact information or is unable to identify particular affected persons.

Substitute notice shall consist of emailing the person when the email address is known, the conspicuous posting of a notice on the website maintained by the business, and notification of the security breach to major statewide media.

IV. Penalties

Statutory penalties can be significant. However, government agencies are exempt from statutory penalties under HRS § 487R-3. Under the law, businesses can be fined not more than $2,500 for each violation. Such penalty can add up quickly where hundreds or even thousands of Hawaii residents are not informed that their personal information has been compromised.

In addition, a court may impose an injunction on the business and the business may be liable for actual damages and attorneys’ fees.

V. Final Word

Hawaii and other states have taken significant steps to combat the growing epidemic of identity theft. It is important that both Hawaii businesses and employers, and consumers take reasonable steps to protect their interests and reputations.

For Hawaii employers and businesses:

o Enter into agreements imposing obligations on third-party companies to handle sensitive and personal information of your employees and customers in a reasonable manner and to report security breaches immediately;

o Ensure reasonable administrative, physical, and technical safeguards are placed over the personal information handled both the third-party company and internally;

o Periodically have the IT department conduct a risk analysis over electronically-stored information and computer network systems of the company;

o Have IT draft and periodically review comprehensive security procedures to limit vulnerability of the company’s systems and a plan of action;

o Train and retrain employees on privacy policies;

o Ensure company employees collect only the minimum amount of information necessary to accomplish the business purpose.

For consumers:

o Ask your employer, doctor, bank, etc., what steps are taken to protect against misappropriation of private information;

o Treat your mail and trash carefully; use cross cut shredders;

o Use locked mailboxes;

o Keep private information kept in your home hidden and secure;

o Don’t give out private information over the phone;

o Use care when using your computer; create strong passwords;

o Use common sense and stay alert (for example, write to your creditor as soon as you believe you have not timely received a billing statement);

o File a police report and obtain the police report number when you learn that your personal information has been compromised and close accounts, e.g., credit card, bank accounts, etc.;

o Follow up with law enforcement in writing and maintain a file; dispute bad checks written directly with merchants;

o Place a fraud alert/freeze on your credit files (Equifax, Experian or Transunion);

o Periodically obtain your credit report and look it over carefully; note inquiries from companies you did not contact, accounts you did not open, debts you cannot explain and report such information immediately to law enforcement.

SAMPLE LETTER 1

Data Acquired: Account Number, Credit Card or Debit Number, Access Code or Password that would permit access to Individual’s Financial Account

Dear

We are writing to you because of a recent security incident at [name of organization].
[Describe what happened in general terms, what type of personal information was involved, and what you are doing in response, including acts to protect further unauthorized access.]

To protect yourself from the possibility of identity theft, we recommend that you immediately contact [credit card or financial account issuer] at [phone number] and tell them that your account may have been compromised. Continue to monitor your account statements.

If you want to open a new account, ask [name of account insurer] to give you a PIN or password. This will help control access to the account.

To further protect yourself, we recommend that you review your credit reports at least every three months for at least the next year. Just call any one of the three credit reporting agencies at a number below. Ask for instructions on how to get a free copy of your credit report from each.

Experian Equifax TransUnion
888-397-3742 888-766-0008 800-680-7289

For more information on identity theft, we suggest that you visit the Web site of the Hawai’i Department of Commerce and Consumer Affairs at ______________ [or the Federal Trade Commission at ___________________]. If there is anything [name of your organization] can do to assist you, please call [toll-free (if phone number].

[Closing]

SAMPLE LETTER 2

Data Acquired: Driver’s License or Hawai’i Identification Card Number

Dear

We are writing to you because of a recent security incident at [name qt. organization].
[Describe what happened in general terms, what kind of personal information was involved, and what you are doing in response, including acts to protect further unauthorized access.]

Since your Driver’s License [or Hawai’i Identification Card] number was involved, we recommend that you immediately contact your local DMV office to report the theft. Ask them to put a fraud alert on your license.

To further protect yourself, we recommend that you place a fraud alert on your credit files. A fraud alert lets creditors know to contact you before opening new accounts. Just call any one of the three credit reporting agencies at a number below. This will let you automatically place fraud alerts with all of the agencies. You will then receive letters from ail of them, with instructions on how to get a free copy of your credit report from each.

Experian Equifax Trans-Union
888-397-3742 888-766-0008 800-680-7289

When you receive your credit reports, look them over carefully. Look for accounts you did not open. Look for inquiries from creditors that you did not initiate and look for personal information, such as home address and Social Security number, that is not accurate. If you see anything you do not understand, call the credit reporting agency at the telephone number on the report.

If you do find suspicious activity on your credit reports, call local law enforcement and file a report of identity theft. [Or, if appropriate, give contact number for law enforcement agency investigating the incident for you.] Get a copy of the police report. You may need to give copies to creditors to clear up your records.

Even if you do not find any signs of fraud on your reports, we recommend that you check your credit reports at least every three months for at least the next year. Just call one of the numbers above to order your reports and keep the fraud alert in place.

For more information on identity theft, we suggest that you visit the Web site of the Hawai’i Department of Commerce and Consumer Affairs at _________________ [or the Federal Trade Commission at __________________]. If there is anything [name of your organization] can do to assist you, please call [toll free (if possible) phone number].

[Closing]

SAMPLE LETTER 3

Data Acquired: Social Security Number

Dear

We are writing to you because of a recent security incident at [name of organization]. [Describe what happened in general terms, what kind of personal information was involved, and what you are doing in response, including acts to protect further unauthorized access.]

To protect yourself from the possibility of identity theft, we recommend that you place a fraud alert on your credit files. A fraud alert lets creditors know to contact you before opening new accounts. Just call any one of the three credit reporting agencies at a number below. This will let you automatically place fraud alerts with all of the agencies. You will then receive letters from all of them, with instructions on how to get a free copy of your credit report from each.

Experian Equifax TransUnion
888-397-3742 888-766-0008 800-680-7289

When you receive your credit reports, look them over carefully. Look for accounts you did not open. Look for inquiries from creditors that you did not initiate and look for personal information, such as home address and Social Security number, that is not accurate. If you see anything you do not understand, call the credit reporting agency at the telephone number on the report.

If you do find suspicious activity on your credit reports, call local law enforcement and file a police report of identity theft. [Or, if appropriate, give contact number fur law enforcement agency investigating the incident, for you.] Get a copy of the police report. You may need to give copies of the police report to creditors to clear up your records.

Even if you do not find any signs of fraud on your reports, we recommend that you check your credit reports at least every three months for at least the next year. Just call one of the numbers above to order your reports and keep the fraud alert in place.

For more information on identity theft, we suggest that you visit the Web site of the Hawai’i Department of Commerce and Consumer Affairs at ____________ [or the Federal Trade Commission at ______________]. If there is anything [name of your organization] can do to assist you, please call [toll-free (if possible) phone number].

[Closing]

Benefits of Law Transcription Services

Quality law transcription services ensure an array of benefits for legal professionals and law firms. The significant advantage is that these services enable legal professionals to maintain error-free and updated textual copies of important legal dictations in their practices. These documents can be easily retrieved for reference at any point of time.

Benefits of Law Transcription Services – An Overview

Legal practices and law firms have to manage a series of legal proceedings on a regular basis. Amidst their busy schedule, legal professionals most often might not get enough time to devote for transcription. Entrusting their law documentation tasks to a reliable legal transcription company would allow them to complete the documentation procedures and get the transcripts updated quickly. Well coordinated law transcription services offered by established transcription companies ensure legal practices benefits such as:

Reduce documentation workload: Professional transcription services considerably reduce the documentation workload of legal professionals. These services save precious time and effort, and help them focus more on core processes.

Avoid file backlogs: As the dictations are transcribed by experts on a regular basis, legal practitioners can easily avoid file backlogs.

Save additional expenses: Through outsourcing their core documentation tasks, legal entities can save the huge expenses that would be otherwise required to maintain the infrastructure, resources, manpower and technology to perform the transcription jobs in-house.

Improve efficiency and productivity: Reduced workload considerably enhances the efficiency of legal professionals and their supporting workforce, which would definitely make the practice more professional and productive, and improve its reputation.

Law reports in convenient file formats: Efficient legal transcription services help lawyers and attorneys maintain transcribed law reports in easy-to-use electronic file formats or as hard copies. The records would be kept well-organized and can be easily retrieved as and when needed.

Ideal Transcription Solutions for all Legal Documents

Outsourcing companies strive to deliver quality transcription services that precisely match the specific documentation needs of legal entities. To offer professional law enforcement transcription services in a modern infrastructure, most firms utilize advanced transcription technology, software utilities and services of experienced transcription experts and quality controllers. The transcription specialists in these firms are highly skilled and provide secure and accurate services. They can efficiently handle dictations provided in any file format such as digital audio files, digital video files, audio CDs, micro cassette tapes, cassette tapes, DVDs and more. These experts offer reliable transcription solutions for the following legal documents:

• Legal pleadings
• Law enforcement field dictation
• Memorandum letters
• Court transcripts
• Private investigations
• Depositions
• Hearings
• Client letters
• Interrogations
• Reports
• Wire-taps
• Briefs
• Surveillance reports, and more

Excellent Document Accuracy Rate

Transcription services offered by a reputable legal transcription company ensure your transcribed documents an accuracy rate of 99%. Their professional services also feature:

• Convenient dictation options: Digital recorder dictation, Toll free phone dictation
• Excellent data security and confidentiality
• Electronic signature
• Three level quality assurance
• Transcription management software
• Feeds for EHR or EPM
• Rapid turnaround time
• Affordable pricing up to 40% lower than market rates
• Continuous technical support
• Free trial offer

Outsource to an Established Company

When planning to outsource their law transcription tasks, legal entities must necessarily utilize the services of an established legal transcription company. The services offered by such a firm can assure you many benefits in terms of reliability, quality, pricing structure and instant response.