Optimize the connections between the compliance of your benefits and human resources programs to overall organizational wellbeing.

From fostering a workplace culture centered on supporting the physical, emotional, career and financial wellbeing of employees to ensuring that benefit programs are compliant with local, state and federal requirements, effectively protecting your employees' wellbeing connects directly to protecting the wellbeing of your organization overall. Compliance Connections delivers monthly, actionable guidance designed to help you manage and optimize the connections between the compliance of your benefits and human resources programs to overall organizational wellbeing. Kick off the new year with a list of action items to tackle during the year ahead.

Strategize over how to address COVID-19 vaccination questions for the workplace.

Perhaps the biggest COVID-19 related question for early 2021 is: What do we need to know about coronavirus vaccinations in the workplace? Employers are facing decisions ranging from whether to mandate that their employees be vaccinated from COVID-19 to what obligations an employer-sponsored health plan has to provide coverage for administration of the vaccination. In addition to these issues, employers should consider what reasonable accommodations might be necessary for individuals with disabilities or religious-based objections to receiving a coronavirus vaccination, as well as how a duty to provide a safe workplace may impact an employer's approach to support vaccination efforts in the workplace. In addition, employers may wish to examine how leave programs will support employees who have reactions to vaccinations, which cause them to miss work time. What questions should your organization be asking itself about COVID-19 vaccinations and workplace issues?

Take a proactive approach to address the need for leave due to COVID-19.

Even though the Families First Coronavirus Response Act's (FFCRA's) mandatory leave provisions expired on December 31, 2020, COVID-19 continues to cause illnesses and school closures. For those reasons, employees may continue to need time off due to COVID-19. Employers subject to the mandatory requirements of the FFCRA may voluntarily continue to provide unused emergency paid sick leave (EPSL) or expanded FMLA leave (EFMLA or Public Health Emergency Leave (PHEL)) and qualify for tax credits for leave provided through March 31, 2021 under the Consolidated Appropriations Act, 2021 (CAA). Notably, the CAA does not create additional eligibility for leave; thus, the extension of leave associated with tax credits only applies when employees use leave eligibility that has carried over from 2020. It is unclear under current guidance whether employers may choose to extend only EPSL or only PHEL and whether employers may only provide the extended leave to certain categories of employees. However, any employers contemplating extensions of leave eligibility may wish to make leave available under the same terms as mandatory leave in order to avoid potential discrimination issues. Employers who do not voluntarily permit the use of carryover FFCRA leave should review existing leave policies and applicable state laws to determine how they will address leave for COVID-19-related reasons in 2021. How will your organization address additional time off needs due to COVID-19?

Revisit mental health parity compliance.

Both the federal and state governments are increasing their enforcement of mental health parity requirements. The Employee Benefits Security Administration (EBSA) within the Department of Labor (DOL) enforces compliance with the Mental Health Parity and Addiction Equity Act (MHPAEA) for plans subject to ERISA. In addition, HHS and State Attorneys General also have enforcement authority. Thus, employer-sponsored health plans may find themselves subject to enforcement activity by either federal or state authorities. In addition, the CAA added a reporting requirement for plans that impose nonquantitative treatment limitations (NQTLs), such as step-therapy and prior authorization requirements, on mental health or substance use disorder benefits. By February 10, 2021, group health plans providing both medical/surgical benefits and mental health/substance use disorder benefits that impose NQTLs on mental health or substance use disorder benefits must perform and document comparative analyses demonstrating that the processes, strategies, evidentiary standards, and other factors used to apply the NQTLs to mental health or substance use disorder benefits are comparable to, and are applied no more stringently than those used to apply the NQTLs to medical or surgical benefits in the same benefits classification. That's a bit of a mouthful and a bit of a short timeline, but employers should know that the reporting must be available by the February date and should take steps to ensure that their carriers or third-party administrators (TPAs) have the necessary documentation ready in time and be prepared to work with those insurance carriers and TPAs to ensure timely corrective action can be taken, if needed. How prepared is your employer-sponsored group health plan to meet the CAA's comparative analysis documentation requirements?

Check on the health of your wellbeing program.

The physical and psychological toll of 2020 will likely have lingering effects on your employees and their families. Employer-sponsored programs can take aim at helping individuals cope with stress, plan for their financial present and future, address addiction, become more active, and meet other physical and psychological goals. When developing or maintaining such programs, employers are faced with not only design considerations, but also a myriad of legal requirements that fall under the definition of wellness programs. Prudent employers will note that existing regulations leave one broad question unanswered: Can I use incentives to encourage employees (and possibly their family members) to participate in a wellness program? On January 7, 2021, the Equal Employment Opportunity Commission (EEOC) issued proposed guidance intended, in part, to address this question with regard to wellness programs subject to the Americans with Disabilities Act (ADA) or the Genetic Information Nondiscrimination Act (GINA). Under the proposed ADA guidance, the safe harbor permitting health-contingent wellness programs under the ADA that are part of, or qualify as, group health plans to offer the maximum allowed incentive under the 2013 HIPAA regulations (currently 30 percent of the total cost of coverage or 50 percent to the extent the wellness program is designed to prevent or reduce tobacco use) will apply to a health-contingent wellness program, as long as the program complies with the five HIPAA requirements. Under proposed GINA regulations, additional limitations will likely be imposed on wellness programs, such as those including health risk assessments seeking family medical history or genetic information. The proposed rules are expected to be finalized during 2021 and thus potentially applicable as early as January 2022. Regardless, employers may wish to assess their wellbeing programs not only in light of regulatory requirements, but also with an eye toward mental, physical, and financial wellbeing needs arising from COVID-19. What flexibility does your employer-sponsored wellbeing program need for 2021?

Perform an assessment of your employee benefits data cybersecurity.

In addition to a health pandemic, a pandemic of cyberattacks arose during 2020. Healthcare providers, insurers, third-party administrators, employers, and even employees fell prey to ransomware and other cyber threats. The Department of Labor (DOL) has increasingly raised concerns about cyber protection for employee benefits data and intends to release additional guidance on cybersecurity to assist third-party administrators and plan sponsors. Plan sponsors should anticipate that cybersecurity will also become part of future DOL investigations. In particular, the DOL is likely to be looking at the questions plan sponsors ask service providers to ensure that the service provider's information systems are secure. Organizations that have not already done so should take steps to ensure that they are vetting the cyber security of benefit service providers. What steps has your organization taken to ensure that its employee benefit data is protected not only internally but also in the hands of third-party service providers?

This is a preview edition of Compliance Connections, a monthly publication produced by Gallagher's Compliance Consulting Practice. For five more action steps, contact your Gallagher representative or visit our Compliance Resources page to subscribe and receive the full version of this publication each month.


Compliance is a series of actions, not a final destination. As a trusted advisor, Gallagher has developed this Compliance Connections series to help you pursue a path through employee benefits compliance issues as part of an overall continuing compliance plan. Employers should carefully evaluate their health and welfare plans to determine if they are in compliance with both federal and state law. If you have any questions about one or more of the compliance requirements listed above, or would like additional information on how Gallagher constantly monitors laws and regulations impacting employee benefits in order to support employers in their compliance efforts, please contact your Gallagher representative.


The intent of this analysis is to provide you with general information. It does not necessarily fully address all your organization's specific issues. It should not be construed as, nor is it intended to provide, legal advice. Questions regarding specific issues should be addressed by your organization's general counsel or an attorney who specializes in this practice area.