Employers that have had their group health plans audited by the Employee Benefits Security Administration (the arm of the U.S. Department of Labor that enforces Title I of ERISA) are aware of the broad nature of the document request and compliance review carried out under these audits. The EBSA has updated its audit protocols to include a review of plans' compliance with the Patient Protection and Affordable Care Act (PPACA), the Genetic Information Nondiscrimination Act (GINA), and wellness programs, along with the laundry list of other federal benefits laws pertaining to group health plans. An uptick in PPACA enforcement appears to be underway, and many plan sponsors have received notices in recent weeks of EBSA audits. Click here to see an actual EBSA audit letter. It provides insight into the kinds of information EBSA seeks.

EBSA audits examine compliance with a range of federal statutes and regulations, such as ERISA, HIPAA, COBRA, and the Women's Health and Cancer Rights Act. However, as employers begin to ramp up in earnest concerning the employer shared responsibility and other provisions of the health care reform law going into effect in 2014, many will be facing audits of their plan's PPACA compliance. The DOL's audit letters are looking for information and documentation concerning particular aspects of the PPACA, such as the plan's grandfather status, coverage for adult children, lifetime and annual limits, and claims and appeals procedures. (See questions 18-20 in the Letter.)

The DOL also is looking at the design of wellness programs offered in connection with group health plans and the related, required notices that have to be provided. (See question 17 in the Letter.) These inquiries will allow the DOL to begin looking at how employers have complied with the HIPAA nondiscrimination regulations concerning wellness programs, as well as Title I of GINA. Of course, the rules for wellness programs will be changing beginning in 2014

Employers should consider taking a serious look at their group health plans, not only for compliance with the PPACA, but also with the longstanding, more traditional areas of ERISA, HIPAA, COBRA and others laws.