Tag Archives: Health Care Reform

2017 Tax Returns Require Filers to Certify Health Insurance

October 18, 2017


On October 13, 2017 the IRS announced that it will require tax filers to certify if they had health coverage for the year on their tax returns.  The IRS will not accept paper or electronic filings if the filer does not report full-year coverage, claim a coverage exemption or report a shared responsibility payment on the tax return.

Individuals with qualifying coverage for the entire year will check the “Full-year coverage” box on their federal income tax return. Those who are claiming a coverage exemption will file Form 8965 with their federal income tax return.  Those who owe a shared responsibility payment will report the payment on Form 1040 in the Other Taxes section and on the corresponding sections on Form 1040A and 1040EZ.

In previous years tax filers did not need to provide this certification despite the Individual Shared Responsibility Provision (aka, Individual Mandate) being in effect. The Individual Mandate requires individuals to have qualifying health care coverage (minimum essential coverage) for each month, qualify for an exemption or pay a penalty when filing their federal income tax return. Minimum essential coverage includes:

  • Most health coverage provided by your employer;
  • Health insurance purchased through the Marketplace;
  • Coverage under a government-sponsored program; and
  • Individual policies purchased from insurance companies.

Individuals have through Monday, April 16, 2018 to file their federal income taxes.

Continue reading...

Cost-Share Subsidies: Back Again?

October 17, 2017


*UPDATE: After announcing and praising – just yesterday – the deal struck by Republican Senator Lamar Alexander and Senator Patty Murray, the President tweeted this morning:

Continued uncertainty surrounding the payment of the cost share subsidies will likely drive premiums higher and frustrate insurers participating in the public exchanges. Which may be the point, as the President has repeatedly tweeted about watching the ACA implode after Congress failed to repeal the law this summer:


Last week, President Trump announced that his Administration would not pay the cost-share subsidies to insurance companies offering plans on the public exchanges. Today, however, the President announced a bi-partisan Senate deal that he said would fund the cost-share subsidies for “a year or two years.” The deal reportedly gives states “more flexibility in the variety of choices they can give to consumers.” It would also reportedly restore $106 million in ACA outreach funding that was cut by President Trump.

The deal would still need to be approved by Congress, which is not a given. It may face opposition in the House. House Speaker Paul Ryan, in particular, praised the President’s decision to end the subsidies last week.


Continue reading...

Discontinuation of Cost-Sharing Subsidies in the Marketplaces

October 13, 2017


Also on October 12, the Trump Administration indicated it will stop paying cost-sharing subsidies immediately to insurance carriers in the Marketplace.

The cost sharing subsidies are available to individuals making 250% or less of the Federal Poverty Level (FPL). They are designed to fund lower out of pocket cost for these lower-income individuals.  Insurance carriers that offer a silver plan in the Marketplace are required to offer 3 variations of that plan for individuals that qualify for cost sharing subsidies. The variations have lower cost-sharing than the standard silver plan option. This is required by the ACA.  The government reimburses the insurance carrier for the cost associated with the lower cost payments in the form of subsidies.

The Trump administration ended the subsidies, but insurance carriers are still obligated to offer the 3 other plans with lower cost sharing.  Carriers anticipated the loss of these subsidies and submitted two sets of rates for approval by the Marketplace. The rates assuming no cost-sharing subsidies are approximately 20% higher.

It is important to note, the premium subsidies are unaffected.  If an individual qualifies for a premium subsidy, the cost for coverage under the second lowest cost silver plan is set a percentage of the individual’s household income.  The Federal government pays the remaining premium.  The 20% premium hike will be paid by taxpayers for those that receive premium subsidies.  Accordingly, the by ending the cost-sharing subsidies, the Federal government will likely pay more to supplement the individual’s premium, rather than splitting the difference with the insurance companies. Approximately eighty-five percent of individuals purchasing coverage in the Marketplace receive a premium subsidy. Premium subsidies can still trigger employer mandate penalties.

The cost-share offsets are authorized by statute but payments are not appropriated annually, which was challenged by former Speaker of the House John Boehner in a lawsuit that is still ongoing. That lawsuit is currently being appealed, and several states have intervened and defended the subsidies. Those states will likely argue that the Trump Administration’s decision to stop paying the subsidies is invalid. Additionally, State Attorneys General from Kentucky, Massachusetts, Connecticut, California and New York have filed a separate lawsuit challenging the Administration’s decision.


Continue reading...

President Trump’s Executive Order on Health Care

October 13, 2017


On October 12, 2017, President Trump signed an Executive Order addressing some provisions of the Affordable Care Act (ACA). The Order was described as “Promoting Healthcare Choice and Competition Across State Lines.”

The Order is comprised of seven sections. Generally speaking, it directs various administrative entities to issue guidance related to the topics covered. The Order itself contains a only high level view of the goals to change specific aspects of the ACA.  Once the regulations are drafted and released, employers will have a better sense of how these changes may impact the market.  In addition, legal challenges to this Executive Order are anticipated.


The Order states that it should be the policy of the Executive Branch to the extent consistent with law, to facilitate the purchase of insurance across state lines. The Executive Branch should also facilitate the development and operation of a health care system that provides high quality care at affordable prices for the American people.

The Trump Administration will prioritize three areas of improvement in the near term:

  1. Association Health Plans (AHPs)
  2. Short-term Limited Duration Health Insurance
  3. Health Reimbursement Arrangements (HRAs)

The Administration will also focus on promoting competition in health care markets and limiting excessive consolidation throughout the healthcare system. To the extent consistent with law, government rules and guidelines affecting the U.S. healthcare system should:

  • Expand the availability of and access to alternatives to expensive, mandate-laden ACA insurance including AHPs, Short-term Limited Duration Health Insurance and HRAs
  • Re-inject competition into the healthcare markets by lowering barriers to entry, limiting excessive consolidation, and preventive abuses of market power
  • Improve access to and the quality of information that Americans need to make informed healthcare decisions, including data about health care pricing and outcomes, while minimizing the reporting burdens on affected plans, providers and payers

The policy section outlines near term goals of the Trump administration to improving healthcare access and affordability.

Expanded Access to Association Plans

The Order directs the Secretary of Labor to consider, within 60 days, proposing regulations or revising guidance in accordance with the law to allow more employers to form AHPs. The Secretary should also consider expanding the conditions that would define an employer under ERISA as well as ways to promote the AHP formation on the basis of common geography or industry.

The goal of promoting AHPs is to allow smaller employers to overcome the competitive disadvantage with large employees who are able to spread the risk among a larger pool of members. The Order also states securing coverage through an AHP will allow employers to avoid many of the costly requirements of the ACA.  However, the Order does not detail which specific requirement AHPs will avoid.

The Order does not provide details on expansion of AHPs. More details will like be included in the proposed regulations or revised guidance.

Expanded Availability to Short-Term Limited Duration Insurance

The Order directs the Secretaries of Treasury, Labor and Health and Human Services to consider, within 60 days, proposing regulations or revising guidance in accordance with the law to expand access to Short-Term Limited Duration Insurance (STLDI). The Secretaries should consider allowing these policies to cover longer periods of time and to be renewed by insureds.

The goal is to offer an appealing and affordable alternative to Marketplace coverage. The ACA regulations limit the coverage period under these plans to three months.

The EO did not include the details on the expanded availability of these plans. The details on this provision will significantly matter to insurance carriers.  STLDI policies are not obligated to comply with ACA coverage mandates.  This will allow policies to be sold that don’t have to coverage essential health benefits.  These policies may also be permitted to include annual and dollar lifetime maximums.

The effects of this provision of the Order are unclear. Depending the details, healthier individuals may gravitate to STLDI policies, while sicker individuals will remain in the comprehensive Marketplace policies. Insurance carriers could struggle to stay in the Marketplace as rates will increase to reflect poor experience.  Many carriers may choose to exit Marketplaces over concerns they will not be able to operate profitably with a split risk pool.

Expanded Availability and Permitted Use of Health Reimbursement Arrangements (HRAs)

The Order directs the Secretaries of Treasury, Labor and Health and Human Services to consider, within 120 days, proposing regulations or revising guidance in accordance with the law to increase the usability of HRAs. The guidance should expand an employer’s ability to offer HRAs to their employees and allow HRAs to be used in conjunction with non-group coverage.

The goal of this expansion is to allow employees, especially ones that work for small businesses, more options for financing their health care. Small employers, however, can take advantage of Qualified Small Employer Health Reimbursement Arrangements (QSEHRA), which were included in the 21st Century Cures Act passed by the Obama Administration in 2016.

The Order does not include the details of this expansion of the HRA rules. HRAs are funded solely by employers and provide tax-favored funds to pay for eligible expenses not covered by the insurance plan.  The ACA has instituted significant limits on the use of HRAs.  In general, an HRA should only be provided to employees that are covered under the employer’s medical plan.  Loosening these rules may allow employers to fund HRAs that employees can use to purchase individual insurance coverage.

Bottom Line

The Order, by itself, does nothing to change existing law. It directs several federal agencies to consider and propose specific policy changes that, if implemented, would significantly change existing law. To change or implement new regulations, agencies must follow a notice and comment period. Agency regulations are subject to court review and a number of challenges to this Executive Order and any subsequent agency regulations should be anticipated.

Continue reading...

Interim Rules on Contraceptive Exemptions

October 10, 2017


On October 6, 2017 the Department of Health and Human Services (HHS) and the Department of the Treasury released interim rules expanding the exemptions from providing contraceptive coverage without cost sharing.


The Affordable Care Act (ACA) required coverage of certain preventive services without cost sharing. Congress granted the Health Resources and Services Administration (HRSA), a part of HHS, discretion to determine what was included in “preventive services” for women. HRSA concluded that preventive services included contraceptives. However, the Departments reserved authority to reevaluate the definition of “preventive services” and the accommodation/exemption rules.

On May 4, 2017 President Trump issued the “Presidential Executive Order Promoting Free Speech and Religious Liberty.” This directed various Departments to “consider issuing amended regulations, consistent with applicable law, to address conscience-based objections to the preventive care mandate…” This prompted federal Departments to release interim final rules on October 6th that expand the exemptions for religious and moral objections to contraceptive coverage.  Departing from tradition, these interim rules are effective immediately and not upon the issuance of final regulations. The Departments are holding a notice-and-comment period that expires December 5, 2017. It’s unknown when the government anticipates releasing final regulations.

Religious Objections

Previously, only nonprofit “religious employers” were eligible for an exemption from the contraceptive mandate. This was extended to closely held, for-profit employers with sincerely held religious objections after the Hobby Lobby Supreme Court decision.

The new rules expand the exemption to many non-governmental employers, issuers and individuals with sincerely held religious objections. The following are now eligible to claim a religious exemption:

  • For-profit corporations (regardless of size or if they are publically/privately held);
  • Churches, integrated church auxiliaries, church conventions or association and religious orders;
  • Nonprofit organizations; and
  • Higher education institutions.

Moral Objections

The interim rules also created a new exemption for certain non-governmental employers with sincerely held moral convictions against the contraceptive mandate. The following are now eligible to claim a moral exemption:

  • Nonprofit organizations;
  • Privately held for-profit employers;
  • Insurers; and
  • Higher education institutions.

How to Claim the Exemption

Under the interim rules, if an employer objects on either religious or moral ground they do not have to provide any kind of self-certification or notice to the government to claim the exemption. The existing accommodation process still exists; it’s just optional. However, ERISA plans will still need to follow employee notice procedures for changes in covered benefits. In addition, if information contained in the Summary of Benefits and Coverage (SBC) is materially changed, plans should send out a Summary of Material Modification (SMM) 60 days before adopting the reduction.

What’s Next?

There’s a lot of uncertainty around these interim rules. The interim rules request comments and suggestions around multiple aspects of the law including if the eligible parties should be expanded, if a formal procedure to claim the exemption should be added, how to determine if a religious or moral objection is “sincerely-held,” and how this will affect various types of corporate entities. To complicate matters, multiple lawsuits have already been filed that may halt the interim rules. The California Attorney General and the American Civil Liberties Union (ACLU) already filed suit and others are expected to follow.

In sum, employers should proceed with caution if claiming the religious or moral exemption due to the continued administrative process and ongoing litigation.

Continue reading...

2017 ACA Reporting Forms Available
- IRS issues final 1094 and 1095 Forms

October 6, 2017


On Wednesday the IRS released the final 1094-C and 1095-C forms along with the instructions.  Applicable Large Employers (ALEs) will use the C forms to report on their offers of coverage to full-time employees. Like last year, fully-insured ALEs will complete Parts I and II of Form 1095-C while self-insured ALEs will complete Parts I, II and III of Form 1095-C. Small self-insured employers will use Forms 1094-B and 1095-B to report on all those enrolled in their coverage.  The instructions for the B Forms are here.

Employers must file the Forms by February 28, 2018 if filing on paper, or by March 31, 2018 if filing electronically. Those employers how are filing 250 or more returns must file electronically.  However, because March 31st falls on a weekend employers actually have until the following Monday, April 2nd to electronically file with the IRS. Copies of Forms 1095-C and 1095-B are due to individuals by January 31, 2018.

We will present a Health Care Reform update on December 15th that will cover 1094/1095 reporting in great detail. You can sign up for the webinar here.

Continue reading...

Upcoming Creditable Coverage Notice Deadline
-October 15

September 22, 2017


The Centers for Medicare and Medicaid Services (CMS) requires employers offering prescription drug coverage to disclose to all Medicare Part D eligible individuals the creditable status of their plan by October 15th each year.  The Creditable Coverage notice helps individuals make informed and timely decisions about whether and when to enroll in Medicare Part D and avoid potential late enrollment penalties.  We’ve previously discussed the Creditable Coverage notice here.

Because it’s often difficult to know for sure who is a Medicare Part D eligible individual, many employers chose to include the notice in enrollment materials or in separate mailings provided to all employees. If the employer wishes to distribute the notice with their enrollment materials, they must be sure to follow certain formatting requirements. The notice must be:

  • Prominently referenced
  • In a (minimum) 14-point font in a separate box, bolded or offset on the first page.

Model notices can be found on the CMS website.

In addition to the Creditable Coverage notice, employers must annually disclose their creditable coverage status to CMS. Disclosures to CMS must occur:

  • Within 60 days after the beginning date of the plan year for which disclosure is provided;
  • Within 30 days after termination of the prescription drug plan; and
  • Within 30 days after any change in creditable status of the prescription drug plan.

Disclosures to CMS must be completed and sent electronically through their website.  If an employer misses the current year’s deadline, they should file with CMS as soon as possible.

Continue reading...

Affordable Care Act Penalties Are Still in Effect

August 15, 2017


When President Trump took office this January, he signed an Executive Order directing HHS and other federal agencies to “waive, defer, grant exemptions from or delay implementation of any provision or requirement” of the Affordable Care Act (ACA) “to the maximum extent permitted by law.” This Executive Order was touted as the first step in repealing the ACA and many people began wondering what practical effect the Order would have. Some even theorized the Employer and Individual Mandate penalties would be waived.

In practicality, the Executive Order is more of an ideological statement because executive orders cannot change existing law. Under the Administrative Procedures Act (APA), agencies cannot rescind existing laws until they engage in a new notice-and-comment rulemaking process (including required public comment period and delayed effective dates) and follow other procedural requirements. This makes it very hard for a President to overturn final regulations without the cooperation of Congress. Since the Employer Mandate and Individual Mandate penalties are written into law, it would take an act of Congress to amend or repeal the monetary amount of the penalties. However, Congress has not passed any amendments or repeal provisions so the Employer Mandate and Individual Mandate penalties are still law.

In fact, the Department of the Treasury issued 4 opinion letters from April to June 2017 which confirm what we already knew: ACA penalties are still in effect. Taxpayers are still required to follow the law and pay what they may owe. Applicable Large Employers (ALEs) should continue to offer affordable, minimum value coverage to their full-time employees and minimum essential coverage to dependents.  If individuals are not eligible or not offered employer-sponsored coverage they must still have minimum essential coverage (or qualify for an exemption) for each month of the year.

For more information on the Employer Mandate, click here.

For more information on the Individual Mandate, click here.

Continue reading...

Dynamic Insurance, Cyber Security, and the Internet of Things

August 4, 2017


The internet of things is advancing rapidly, and frankly so is insurance. We can assure you that the heated debates in congress and confusing jargon won’t be going away anytime soon. In fact, it will probably get a lot more complicated, but insurance companies have their analytics department to lean on in these times of chaos. The world around us is more connected now than ever before and this gives us more accurate data to look forward to. Let’s start with drones. The rising use of drones will present both opportunities and risks for many industries. We have seen this technology become a natural part of many markets. For example, filming a scene that requires aerial view becomes a lot less expensive with a drone, and inspecting the exterior of buildings becomes a lot less dangerous when the life of an employee is not at risk. According to the U.S. Bureau of Labor, 38.8% of total deaths in construction occur from falls in just one calendar year. Falls are the number one cause of death in the construction industry and the third largest cause of death across all industries (Drones Create Safety). A $1,000 piece of equipment becomes priceless when it can transfer the risk of a life. But who is responsible for the misuse of a drone, and is there liability coverage for your commercial drone? This article will address how innovative technologies can improve current industries or potentially disrupt them and what role insurance companies will play in the near future.

Do we really want more healthcare data?

Wellness technology is advancing rapidly with untapped data. Not long ago, insurance companies started compiling data on teenage drivers. Soon enough they found a strong correlation between a student’s grades, and their likelihood to get in an accident. Of course, grades do not depict how well you can drive, but a strong correlation can help save the insurer a lot of money. Soon came the “good student” discount. If you can provide proof that your teenage driver will get grades above the threshold that the carrier believes has a statistical impact on the amount of accidents the insured will experience, you can save some money. Because of the historical data, companies can now better underwrite their clients and the insured is awarded with a discount and another reason to nag their kids about grades. The good student discount isn’t the only way insurance companies use correlation data. They also use it to responsibly insure smokers. The insurer can better predict their client’s health issues based on employee lifestyles (Tech-Enabled). Insurance companies have been adapting to data since the inception of insurance. Even recent policy such as the Affordable Care Act, is still making major changes to the health insurance market.

Correlation is everywhere. The law of large numbers explains that the more information on the consumer side, the more accurate the underwriting becomes. Obviously, client wellness and the data behind it is very important to insurance companies. Fitbit started out in 2007 as a small group of people with an idea of a fashionable activity-tracking bracelet. Now, Fitbit is publicly traded on the New York Stock Exchange, selling over 22.3 million devices in the past year with reported revenue of $574 million (Fitbit Reports). Not only did Fitbit just go international with Vector Watch UK Limited, but they also acquired FitStar Labs, a private company that develops software applications for games, social networking platforms, and mobile devices. Fitbit has quickly gone from an interesting concept, to a full-blown technology powerhouse collecting very sensitive data.

With all the recent advances in wellness data and wearable technology, getting the data to companies that want it is probably just a few lawsuits and a small acquisition away. Who stores and can obtain this information is being questioned more every day. According to the HuffingtonPost, prosecutors obtained data from Chris Bucchere’s activity bracelet to prove that he was speeding before his accident. Bucchere was convicted with a felony for vehicular manslaughter (Weinstein, Mark). While many argue a breach of policy, others are taking advantage of the information while they can. For example, John Hancock Life Insurance Company is offering their clients a 15% discount if they permit their Apple Watch to monitor their activities (IoT Insurance). Data like this has the potential to disrupt consumer information in many industries, especially current healthcare data. It is important to keep in mind that access to personal data is a topic that is already highly controversial and debated in the litigation community. Innovations like smart watches and activity bracelets can increase the accuracy of current data and lower consumer cost, but these advances in wellness technology need to be monitored for their disruptive nature and potential for abuse.

My car can now drive itself, should I switch insurance providers?

Ford, Chevy, Volkswagen, Buick, and Honda are all reputable household names making major moves towards autonomous vehicles. Even Teslas are quickly becoming more affordable as recent innovations in self-driving technology are leading to rapid industry expansion. The Insurance Institute for highway Safety is anticipating about 3.5 million self-driving vehicles by 2025, and 4.5 million by 2030 (Self-Driving). Recent improvements such as the rear-view monitor, blind spot sensors, and self-parking technology are being integrated into the factory design of many popular cars. These improvements in design and safety have led to a lower fatality rate. “The likelihood of a driver dying in a crash of a late model vehicle fell by more than a third over three years, and nine car models had zero fatalities per million registered vehicles,” (Insurance Institute for highway Safety). There is no question that our ability to prevent crashes will greatly reduce the number of fatal accidents. What is unclear, however, is how liability laws might evolve to insure autonomous vehicle technology. Insurers will have to determine how to underwrite policies where accident medical bills are lower than ever, while replacing vehicle cost may be higher than usual. It may also become common to see a higher percentage of product liability claims as the insured blame the suppliers for mistakes made on the car’s behalf and fight for subrogation. Need for liability coverage will become more important. As suggested by the 2014 RAND study on autonomous vehicles, “…product liability might incorporate the concept of a cost-benefit analysis to mitigate the cost to manufacturers of claims.” This could relieve pressure on the healthcare and disability cost related to automobile claims.

As of right now, there are basically two types of liability systems. There is the no-fault concept in some states, while in others liability is based on the tort system. The arrival of self-driving cars will have an impact on policy, but for now there isn’t much of a direction. Will the systems align to be more uniform, or will the states pass on the torch to the federal government asking them to play a larger role? The more that car manufacturers are blamed, the more likely we are to see the federal government getting involved. RAND Corporation did a study of the benefits of self-driving vehicles in 2016 and concluded that personal liability will decrease while manufacturer liability is likely to increase (Self-Driving). Car manufacturers are starting to look more like computer manufacturers. Patrick Lin, a writer for Forbes, believes that with this shift in technology, “…hard ethical decisions in programming and new product liability cases will surely challenge law and disrupt the insurance industry…” (No Self-Driving).

Smart cars, what’s next smart homes?

Companies like Vivint and The SOHO Shop are bringing the future closer by integrating smart home technology. The SOHO Shop, founded in St. Charles Missouri, was created with the idea of a trusted and reliable home/commercial automation. Their products range from automated shades and central VAC, to industrial building automation, IT, security and video surveillance. These companies are bringing their software and skills to individual homes along with bigger living areas like retirement communities. Introducing products such as intelligent window and door monitors can make people living alone feel safer. They also offer products that can monitor oven temperatures, water use, bed, chair, and bathroom usage for those living by themselves that may need assisted care. This technology is helping keep patients with medical need comfortable and safe, but what does this mean for insuring the modern home?

The insurer, American Family, has a model home where they are testing out the automated features such as water and temperature sensors. These sensors prevent leaks and notify homeowners before a pipe burst or an appliance malfunctions causing damage. Data from these sensors may eventually be used to profile some customers as being more/less likely to let small disasters occur. American Family and USAA are both exploring this technology. State Farm and Liberty Mutual both offer discounts on your home policy if you decide to begin transforming your home into a smart home (Home Automation Giant). The federal government has already started designing a functional way to access utility data. The Green Button Initiative is a nonprofit project that allows businesses and homeowners to access their energy use data in an industry standardized format (The Green Button). This initiative was a response to a 2012 White House call-to-action to provide utility customers with easy and secure access to their information (Giving Consumers Access).

Senior Managing Director, at Accenture, Jogn Cusano claims that turning customers’ homes into data hotspots will increase the risk of data breaches. Cusano believes that underwriting will change to reflect the new risk of cyber-attacks (Why Insurance Companies). Only time will tell if insurers will save enough by preventing leaks to make up costs from ransomware.

We have drones and reinsurance, what can possibly go wrong?

Being ahead of the game means taking the proper precautions to keep changing technology from disrupting your business. While we now have the ability to lock office doors without relying on the janitor, and send flying robots to do our dangerous jobs, we are also becoming more vulnerable to cyber-attacks than ever before. According to The State of SMB Cybersecurity Report, “…a staggering 50 percent of small and midsized organizations reported suffering at least one cyberattack in the last 12 months…” (State of Cybersecurity). A cyber-attack on a large company can ruin their reputation, but a cyber-attack on a small business or a household can cause detrimental financial damage. The worst part is that many people don’t know what to do about it: “52% of organizations that suffered successful cyber-attacks in 2016 aren’t making any changes to their security in 2017” (Barkly Blog). Companies need to find innovative ways to address this. Limited access and cut ties are a great place to start. No one person in the company should have access to everything. There should also be fewer passwords and more identity verification requirements. If someone knows your email, what city you live in, and your birthday, it is not difficult to gain access to one of your online accounts (banking, social media, email, etc.…), which will only make it easier to gain access to the rest of your accounts.

On May 17th 2017, the House of Representatives passed the Modernizing Government Technology Act (115th Congress). This legislation will allow the federal government to improve and replace existing information technology systems to strengthen cyber security. Not only does this affect individuals but it is also a national problem. A study performed by the Ponemon Institute in June of 2016 shows that the average cost per stolen record is $158 (2016 Cost of Data). Multiple government agencies have been breached, releasing vital information about government employees and programs. In a recent preventative measure, the Department of Homeland Security decided to increase its Federal Cybersecurity programs by expanding EINSTEIN and Continuous Diagnostics and Mitigation programs. In Missouri, these laws are interpreted to require that any company notify every individual that is affected by a cyber breach and must offer one year of credit monitoring for the individuals.

What is your company doing? In today’s world, multi-factor authentication is a must. It simply adds another layer of security by texting a code to your mobile device after you sign in with a password. Many companies have created software like the Google Authenticator app that gives you a randomly generated code. This generated code regenerates every ten seconds, adding another level of security. Every company should also have a policy in place to deal with cyber-attacks when they occur, along with a way for employees to report any problems anonymously. According to a study done by Pricewaterhouse Coopers, “the most widely used advanced-authentication technologies are hardware and software tokens, followed by biometrics such as fingerprint and iris scanners” (Global State of). Smartphone tokens are becoming more popular due to security compromises of business phones and work tablets. If a password-less authentication is the route you wish to go, your organization may want to rethink your approach to identity management. Most important is an intuitive process for the end user. PwC recommends the IAM, Identity and Access Management, a web service by Amazon Web Services that helps you securely control access to AWS resources for your users. You use IAM to control who can use your AWS resources (authentication) and what resources they can use and in what ways (authorization). Although products like Google Cloud IAM and AWS IAM are not a replacement to Active Directory or OpenLDAP, they are becoming a necessary add-on.

Cyber Insurance is a special product that addresses the emerging coverage gaps in traditional insurance policies that result from our increased use of technology and reliance on the risk that comes with storing sensitive data. Cyber perils range from network outage, data theft, and even cyber extortion demands. Although you may not think it is necessary yet, a paper released from the R Street Technology Policy Fellow Anne Hobson, argues that it’s in the governments best interest to hold vendors and contractors that do business with the federal government, financially responsible for any cybersecurity issues on their part that costs U.S. taxpayers (Aligning Cybersecurity Incentives).

Old industries tend to lag in financial technology. “67% of risk professionals are not aware of their organization having processes and procedures in place to trigger a risk assessment of a modern technology before it is actually used. And more than half of the correspondents said their company had not undertaken risk assessments around disruptive technologies (technology innovation).

Blockchain technology is almost here.

On July 24th of 2017, innovative leaders from across the states got together at Washington University in St. Louis to talk tech. The topic was trade and everyone was talking about how blockchain technology can revolutionize supply trade management. Brigid McDermott from IBM was on stage explaining how inefficient and unprotected most supply chains are. She explained how every company, every port, and every person along a supply chain has a unique way of recording and securing a transaction which leaves too much room for corruption. “Less than 0.5% of all data is ever analyzed and over $130 billion is spent on bid data and business analytics globally.” Supply chains being inefficient and expensive, seemed to be the theme. “Blockchain creates the trust necessary to address the end-to-end process,” she exclaimed. Being able to sort through a common ledger would save supply chains millions. Next in line was Soumak Chatterjee from Deloitte, who explained that a blockchain based system not only beats any other centralized ledger with its ability to authorize, and audit transactions, but excels in many fundamental security aspects. Next up was Kate Lybarger from Monsanto. Then was Farron Blanc from RGA to talk on blockchain in the Insurance world. But it wasn’t until Nick Williamson from Qad.re brought out a demo of his software that could be used as a decentralized ledger for shipping warehouses. He showed the audience how this blockchain based software could read, compile, and organize data from thousands of shipping containers with extreme accuracy. The goal is to stop fraud, counterfeit prescriptions to be exact, and Nick is going to do it with the support of smart contracts on the blockchain.

In the past month, Promoting Good Cyber Hygiene Act of 2017, a piece of cybersecurity legislation, was introduced into congress. This legislation would mandate the National Institute of Standards and Technology (NIST), the Federal Trade Commissions (FTC), and the Department of Homeland Security (DHS) to outline the steps necessary to establish baseline practices for good cyber security. A couple year back the National Cybersecurity Protection Act of 2014 became law to direct the goals of the DHS and stakeholders. This law pushed the private sector to provide incident response and cybersecurity information with public entities to enhance overall security. Reluctance from companies to share their security analysis lead to the Promoting Good Cyber Act. This highlights, regardless of location or industry, nine critical updates:

Critical Updates:

  • Old or unpatched networks
  • Quarterly cyber security training
  • Multifactor authentication
  • Regular backups
  • Extra security with older systems
  • Cloud or blockchain migrations
  • Detection and prevention system analysis
  • Manage service providers
  • Cyber insurance

These updates are mandatory with expanding connectivity. People often overestimate how much popular companies really know. For example, Wired released a video of two hackers remotely disabling a Jeep and killing the engine while it was on the highway. Not many understand that the computers in our cars are connected to the internet. Even recently Toyota has turned to MIT’s blockchain experts to explore possible systems for safer autonomous vehicles (Toyota Tech).

Advances in technology are great for our society in many ways. We can expect to see fewer accidents, greater connectivity, and more wireless freedom. We have already seen great reduction in fatal accidents including falls and car crashes. While the Internet of things is expanding our abilities, it also carries a wake of disrupting characteristics and unpredictable events. Last year the Department of Homeland Security met to discuss interest in forming a cybersecurity data repository to better understand and visualize emerging cyber incidents. (National Protection) A secure repository would help collect and aggregate cyber incident information, acting as a reliable source for the cyber risk community. Disruptive technologies have a big influence on the way industries form and collapse and properly analyzing the data is important, but lagging regulation often prevents swift movements in the right direction. Although cyber risk is still a foreign territory for many, it is important to stay progressive through these changing times. Creating a more robust and efficient cyber insurance market has the potential to strengthen current industries by greatly reduce the number of cyber-attacks and steering clear of the many societal threats our nation has already faced.

About the Author

Brandon Bradshaw: Analytics Intern attending Missouri State University perusing a Computer Information Systems degree. Plans to continue his education in the Management and Information technology Department Cybersecurity Graduate Program.

Works Cited

Castro, Daniel, and Henry Sherwin. “Giving Consumers Access to Water Data Promotes Smarter Use.” Brink – The Edge of Risk. N.p., 24 Sept. 2015. Web. 17 July 2017.
Comstock, Jonah. “PwC: 1 in 5 Americans Owns a Wearable, 1 in 10 Wears Them Daily.” MobiHealthNews. PwC Study, Mobihealthnews Article, 21 Oct. 2014. Web. 26 July 2017.
Coopers, Pricewaterhouse. “Global State of Information Security Survey 2017.” Toward New Possibilities in Threat Management, 2017, pp. 8–10., www.pwc.com/gx/en/issues/cyber-security/information-security-survey/assets/gsiss-report-cybersecurity-privacy-possibilities.pdf.
“2016 Cost of Data Breach Study: Global Analysis.” 2016 Cost of Data Breach Study: Global Study. Ponemon Institute & IBM, 17 June 2016. Web. 21 July 2017.
CyberAvengers*, The. “Cyber Hygiene and Government–Industry Cooperation for Better Cybersecurity.” Brink – The Edge of Risk. N.p., 11 July 2017. Web. 17 July 2017.
Danzon, Patricia M., and Mark V. Pauly. “Insurance and New Technology: From Hospital to Drugstore.” Health Affairs Org. N.p., 2001. Web. 17 July 2017.
“FACT SHEET: Cybersecurity National Action Plan.” National Archives and Records Administration. National Archives and Records Administration, n.d. Web. 17 July 2017.
Famakinwa, Joyce. “Drones Create Safety Opportunities, Raise Privacy Concerns.” Businessinsurance.com. N.p., 31 May 2017. Web.
“Fitbit Reports $574M Q416 and $2.17B FY16 Revenue, Sells 6.5M Devices in Q416 and 22.3M Devices in FY16.” Fitbit, Inc. N.p., n.d. Web. 18 July 2017.
Gale, Melissa. “Technology Innovation Is Disrupting Risk Management.” Brink – The Edge of Risk. Brink The Edge of Risk, 26 June 2017. Web. 17 July 2017.
Gammons, Brianna. “6 Must-Know Cybersecurity Statistics for 2017 | Barkly Blog.” Barkly Endpoint Security Blog. N.p., n.d. Web. 17 July 2017.
Gautham. “It Is Time for the English Insurance Sector to Adopt Blockchain Tech?” SafeShare Insurance. N.p., 18 May 2016. Web. 17 July 2017.
Gertrude Chavez-Dreyfuss. “Toyota, Tech Firms Explore Blockchain for Driverless Cars.” Reuters, Thomson Reuters, 22 May 2017, www.reuters.com/article/toyota-selfdriving-blockchain-idUSL1N1IO178.
“The Green Button – the Standardized Way to Get Your Energy Usage Data.” The Green Button – the Standardized Way to Get Your Energy Usage Data. N.p., n.d. Web. 17 July 2017.
Higginbotham, Stacey. “Why Insurance Companies Want to Subsidize Your Smart Home.” MIT Technology Review. MIT Technology Review, 12 Oct. 2016. Web. 17 July 2017.
Hurd, Will. “H.R.2227 – 115th Congress (2017-2018): MGT Act.” Congress.gov. N.p., 18 May 2017. Web. 17 July 2017.
Institute, Ponemon. “Introduction.” 2016 State of Cyber Security in Small & Medium-Sized Businesses, doi:Sponsored by Keeper Security.
Laycox, Sandy. “Tech-enabled transparency is a major step in regaining control of healthcare costs.” Medical Exam pg 45, Leader’s Edge Magazine June 2017.
Lin, Patrick. “No, Self-Driving Cars Won’t Kill the Insurance Industry.” Forbes, Forbes Magazine, 25 Apr. 2016, www.forbes.com/sites/patricklin/2016/04/25/self-driving-cars-wont-kill-insurance-industry/#774d5c45746f.
Meola, Andrew. “IoT Insurance: Trends in Home, Life & Auto Insurance Industries.” Business Insider, Business Insider, 20 Dec. 2016, www.businessinsider.com/internet-of-things-insurance-home-life-auto-trends-2016-10.
Miller, Ron. “IBM Unveils Blockchain as a Service Based on Open Source Hyperledger Fabric technology.” TechCrunch. TechCrunch, 19 Mar. 2017. Web. 17 July 2017.
“Missouri Data Breach Laws: Notification Requirements.” TechInsurance. BIN Insurance Holdings, LLC, n.d. Web. 26 July 2017.
“National Protection and Programs Directorate; National Protection and Programs Directorate Seeks Comments on Cyber Incident Data Repository White Papers.” Federal Register. N.p., 28 Mar. 2016. Web. 17 July 2017.
Rader, Russ. “Death Rates Fall as Vehicles Improve.” IIHS, Status Report, Vol. 50, No. 1, 29 Jan. 2015, www.iihs.org/iihs/sr/statusreport/article/50/1/1.
Ralph, Oliver. “AIG Sets up Blockchain Policy for Standard Chartered.” Financial Times. N.p., 15 June 2017. Web. 17 July 2017.
Rorke, Catrina, et al. “Aligning Cybersecurity Incentives in an Interconnected World | R Street.” R Street Institute | R Street, R Street, 16 Feb. 2017, www.rstreet.org/policy-study/aligning-cybersecurity-incentives-in-an-interconnected-world/.
“Self-Driving Cars and Insurance.” Insurance Information Institute. N.p., July 2016. Web. 17 July 2017. http://www.iii.org/issue-update/self-driving-cars-and-insurance.
Shabat, Matthew. “National Protection and Programs Directorate; National Protection and Programs Directorate Seeks Comments on Cyber Incident Data Repository White Papers.” Federal Register, Department of Homeland Security, 28 Mar. 2016, www.federalregister.gov/documents/2016/03/28/2016-06856/national-protection-and-programs-directorate-national-protection-and-programs-directorate-seeks.
Vivint. “Home Automation Giant Vivint Partners with Liberty Mutual Insurance to Offer Its Customers Savings on Auto and Home Insurance.” PR Newswire: News Distribution, Targeting and Monitoring, PRNewswire, 3 Aug. 2017, www.prnewswire.com/news-releases/home-automation-giant-vivint-partners-with-liberty-mutual-insurance-to-offer-its-customers-savings-on-auto-and-home-insurance-234214571.html.
Weinstein, Mark. “What Your Fitbit Doesn’t Want You to Know.” The Huffington Post, TheHuffingtonPost.com, 21 Dec. 2015, www.huffingtonpost.com/mark-weinstein/what-your-fitbit-doesnt-w_b_8851664.html.


Continue reading...

Where is Health Care Reform Headed?
- Does anyone know?

July 26, 2017


“Roads? Where we’re going, we don’t need roads.” Back to the Future. (1985).

Yesterday, the Mitch McConnell-led Senate voted to open debate on the American Health Care Act (AHCA), the House of Representatives’ bill which repeals and replaces the Affordable Care Act (ACA). During the ensuing 20 hour debate, Senators will consider and vote on many amendments to the AHCA that will repeal or modify part or all of the ACA. There’s no roadmap for this process, and no identified final destination. But apparently where the Senate is going, they don’t need roads.

The Senate has already held one vote on one version of the Better Care Reconciliation Act (BCRA), which included amendments from Senator Cruz and Senator Portman. It was rejected 57-43. The Senate is anticipated to vote on several other amendments in the coming days. It’s impossible to predict what will happen during the debate process or the “vote-a-rama” that follows it, during which Senators can propose and vote on possibly hundreds of amendments.

There should be some clarity on the ACA’s likelihood of survival in the coming days. Until then, the situation is incredibly fluid and it’s anyone’s guess what will come out of the Senate.

Continue reading...

Last Call for PCORI Fees
Due July 31

July 26, 2017


Self-funded medical plan sponsors must calculate and pay PCORI fees by July 31. Click here for details on which plans are subject to PCORI fees, how to calculate them and which IRS forms to use.

Continue reading...

Health Care Reform Update
-Links to the June 30 Webinar

June 30, 2017


If you were unable to attend this morning’s Health Care Reform Update webinar, you can access the recording by clicking this link. The presentation slides are available through this link.

Continue reading...