DOL Issues New Proposal on Overtime Rule
On March 7, 2019, the Department of Labor (DOL) issued a proposed rule that would change the salary thresholds for the “white collar” overtime exemptions under the Fair Labor Standards Act (FLSA). Under the proposal, the minimum salary level for executive, administrative and professional employees would increase from $455 to $679 per week ($35,308 per year). This is significantly lower than the $913 salary level set in the 2016 final rule (which never took effect due to an injunction).
The proposal would allow employers to use nondiscretionary bonuses and incentive payments (including commissions) that are paid annually or more frequently to satisfy up to 10 percent of the standard salary level. The minimum salary level for highly compensated employees would also increase from $100,000 to $147,414 per year (an increase from the 2016 final rule’s annual threshold of $134,004).online disclosure is March 1, 2019.
These changes will not take effect until after a final rule is issued. Employers are not required to comply with the proposal, but should become familiar with it and begin identifying which employees may be affected.
IRS Allows Employers to Recover Mistaken HSA Contributions
The Internal Revenue Service (IRS) recently released an information letter describing circumstances that would allow an employer to recover contributions mistakenly made to its employees’ HSAs.
Previously, IRS guidance allowed employers to recover HSA contributions in very limited situations, such as when the contribution exceeded the applicable annual limit. The new guidance also allows employers to recover HSA contributions when there is clear documentary evidence showing there was an administrative or process error.
In addition, the new IRS information letter provides specific examples of common administrative or process mistakes that occur when administering HSA contributions.
This is helpful guidance for employers that administer HSA contributions. Employers that recover mistaken HSA contributions should maintain documentation showing that a mistake occurred. Also, any correction should put the employer and employees in the same position they would have been had the mistake not occurred.
2018 was a Record Year for HIPAA Enforcement Actions
In 2018, the Office for Civil Rights (OCR) settled 10 cases and was granted summary judgment in a case involving Health Insurance Portability and Accountability Act (HIPAA) enforcement. The enforcement actions resulted in an all-time record year for the OCR, with enforcement penalties collected totaling $28.7 million—a 22 percent increase from the last record year.
Enforcement Highlights of the Year
Of the cases the OCR was involved with, here are the most costly enforcement actions:
- Fresenius Medical Care North America (FMCNA): In January 2018, FMCNA settled for $3.5 million with the OCR for the five separate data breaches that occurred between Feb. 23, 2012, and July 18, 2012.
- The University of Texas MD Anderson Cancer Center (MD Anderson): In June 2018, a Department of Health and Human Services (HHS) judge ruled in favor of the OCR and ordered MD Anderson to pay $4.3 million in penalties for its HIPAA violations.
- Anthem Inc.: In October 2018, Anthem paid $16 million to the OCR, an all-time record for most costly penalty, after a series of cyber attacks allowed criminals to steal the electronic personal health information (ePHI) of nearly 79 million individuals from Dec. 2, 2014 to Jan. 27, 2015.
- Cottage Health: In December 2018, Cottage Health agreed to pay $3 million to the OCR after two breaches exposed unsecured ePHI of 62,500 individuals.
The HIPAA Privacy and Security Rules are complex, and violations can trigger expensive penalties. Fortunately, there are resources available from Higginbotham and HHS to help covered entities comply with the HIPAA Rules. Many of these resources are available through HHS’s website on the following topic pages:
- Guidance on the HIPAA Privacy Rules
- HIPAA Security Rule Guidance
- Security Risk Assessment Tool
- Cyber Security Guidance
- Breach Notification Guidance
- Compliance & Enforcement
We're also here to help. Contact your Higginbotham representative today for more information about HIPAA compliance.
Subscribe to Higginbotham emails for HR News Worth Review sent to your inbox monthly.