Bolton’s Compliance Download newsletter covering employee benefits compliance updates and guidance

The Compliance Download, June Vol. 3

HIPAA Privacy: Key Compliance Considerations for Employers

The Health Insurance Portability and Accountability Act (HIPAA) establishes federal standards for protecting protected health information (PHI), but its application to employers depends largely on their role as health plan sponsors. While HIPAA generally does not apply to employment records, it does apply to employer‑sponsored health plans and any PHI used for plan administration. Employers with self‑funded plans or access to PHI have more extensive compliance responsibilities, while those sponsoring fully insured plans with limited PHI access typically face fewer obligations. Understanding where PHI exists within your organization—and how it is used—is a critical first step in determining compliance requirements.  

From a compliance perspective, employers must implement appropriate safeguards when handling PHI, including limiting access, maintaining separation between plan administration and employment functions, and ensuring PHI is not used for employment‑related decisions. Additional obligations may include entering into business associate agreements, training staff, and providing a Notice of Privacy Practices where required. Employers should also review wellness programs, vendor relationships, and plan documentation to confirm they align with HIPAA standards. Proactive review and clear processes can help reduce compliance risk and ensure sensitive health information is properly protected. Reach out to a member of your Bolton team should you have questions regarding HIPAA compliance.

download here

ACA Individual Mandate: Key Compliance Background and Current Status

Under the Affordable Care Act (ACA), individuals were originally required to maintain minimum essential coverage (MEC) or face a federal tax penalty. While the federal individual mandate remains part of the ACA framework, the federal penalty for noncompliance was reduced to $0 effective January 1, 2019. 

For employers, the key takeaway is that the elimination of the federal individual mandate penalty did not change employer ACA obligations. Applicable large employers must continue to comply with employer shared responsibility requirements, including offering affordable, minimum-value coverage and meeting ACA reporting obligations. In addition, several states have implemented their own individual mandate requirements, which may affect employees and create a need for state-specific employee communications. 

Employers should continue to monitor state mandate developments and ensure employee communications accurately reflect any applicable state coverage requirements. 

download here

Form 5500 Filing Deadline Approaching: Compliance Reminder for ERISA Plan Sponsors

Plan sponsors with ERISA‑covered employee benefit plans should be aware that the annual Form 5500 filing deadline is July 31, 2026, for calendar‑year plans covering the 2025 plan year. Form 5500 must be electronically filed with the U.S. Department of Labor unless a filing exemption applies. Employers needing additional time may request a one‑time 2½‑month extension—until October 15, 2026—by filing IRS Form 5558 no later than July 31. 

To support compliance, employers should confirm filing obligations now, coordinate with service providers, and ensure all required schedules and attachments are prepared and submitted through the DOL’s EFAST2 system. 

download here

This site uses cookies to improve your experience. By continuing to browse, you agree to our use of cookies.