In 2017, Congress eliminated ACA individual mandate penalty. In reaction, four states and the District of Columbia adopted laws that, effectively, reinstated the individual mandate at the state level. Those states also require employers to report concerning the health coverage they provided in the prior year. In this client alert, we summarize these state reporting laws.

In our "Also Noteworthy" section at the end of this alert, we briefly discuss an overlooked area of the California Consumer Privacy Act and what it means for employers. Spoiler Alert: The so-called one-year delay for employee and applicant data is not comprehensive.

Don't Miss This Important Point

The ACA reporting requirements have changed. But the states generally follow the "old" ACA rules, not the "new" ones. Throughout this client alert we refer to the "2018 ACA requirements." By "ACA requirements," we mean the rules governing which individuals had to receive a Form 1095-C or 1095-B from the employer, and what information had to be included on those forms. By "2018," we mean the requirements for the Forms about 2018, which individuals received in 2019. The ACA requirements for forms being provided and filed in 2020 are very different! The state obligations generally track the "old" ACA reporting requirements, not the "new" ACA requirements.

2020 Reporting Deadlines—New Jersey and the District of Columbia

New Jersey

March 2, 2020. Deadline to provide information returns to individuals.

March 30, 2020. Deadline to file returns electronically with the NJ Division of Taxation.

  • Employers with self-funded medical plans: Provide federal information returns (Form 1095-C for large employers, Form 1095-B for small employers) to NJ residents in compliance with the 2018 ACA requirements. The same forms must be filed with the NJ Division of Taxation.
  • Employers with fully-insured plans: No NJ reporting obligation.

District of Columbia

March 2, 2020. Deadline to provide information returns to individuals.

June 30, 2020. Deadline to file information returns electronically with DC's Office of Tax and Revenue.

  • Employers with self-funded medical plans: Provide federal information returns (Form 1095-C for large employers, Form 1095-B for small employers) to DC residents in compliance with the 2018 ACA requirements. The same forms must be filed with DC's Office of Tax and Revenue.
  • Large employers with fully-insured plans: Provide federal information returns (Form 1095-C) to DC residents in compliance with the 2018 ACA requirements. The same forms must be filed with DC's Office of Tax and Revenue.
  • Small employers with fully-insured plans: No DC reporting obligation.

Other Reporting Requirements

California, Rhode Island and Vermont

In California, Rhode Island, and Vermont, reporting is not required until 2021. Generally, these states will require reporting that follows the 2018 ACA requirements. If your company has employees who are residents of California, Rhode Island, or Vermont, you will want to ensure that your systems (or your vendor) will be gathering the information that was needed for the "old" ACA forms. (See the Important Note at the beginning of this client alert.) We expect additional guidance from each of these states.

Massachusetts

Massachusetts adopted reporting requirements over 10 years ago, which continue to be in effect. For employers subject to the law, Form MA 1099-HC must be provided to individuals and filed with the Massachusetts Department of Revenue by January 31.

Also Noteworthy

If your company is subject to the California Consumer Privacy Act (CCPA) and has employees who are residents of California, you have probably heard that there is a one-year delay—that the CCPA does not apply to personal "employee" or "applicant" information until January 1, 2021. What you need to know is that the delay is not complete. Your company still has some obligations in 2020 concerning employee and applicant information. Specifically:

  • The company must notify employees and applicants of the categories of personal information that the company collects about them and the purposes for which the information will be used.
  • The company must implement and maintain "reasonable security procedures and practices" to protect the information. If the company fails to do so, and if there is a data breach in 2020, the CCPA permits individuals affected by the breach to bring a lawsuit and seek statutory damages.