In this second installment of our Health & Welfare Plan Fiduciary Governance Series, we take a detailed look at a core fiduciary responsibility in the health and welfare plan context—evaluating, selecting, and contracting with third-party service providers. This alert focuses on third-party administrators (TPAs) for self-insured medical benefits. A later installment will address contracting with pharmacy benefit managers.
Why choose a third-party administrator?
A health plan’s designated fiduciaries are responsible for monitoring the overall operations of the plan. Because the designated fiduciaries themselves are generally not equipped to handle day-to-day administration of the plan, they must designate certain administrative responsibilities to third-parties. However, the act of designating fiduciary responsibilities to a third-party is itself a fiduciary act. Therefore, plan fiduciaries must follow ERISA’s duty of care when evaluating and selecting a third-party service provider.
To assist in the third-party service provider selection process, plan fiduciaries often rely on legal counsel and brokers/consultants. Legal counsel’s primary function will be to advise plan fiduciaries with respect to legal compliance, risk mitigation, and contract negotiations. Broker/consultants will assist with the identification of potential third-party service providers and fee negotiations.
The remainder of this article describes the general process of evaluating and selecting TPAs. First, plan fiduciaries should retain a broker/consultant to assist in the selection process. Second, the broker/consultant will guide the fiduciaries through a request for proposal (RFP) process. Third, once a TPA is selected, fiduciaries will work with the broker/consultant to confirm that the contract conforms with the RFP response and contains market-standard terms and conditions.
Step 1 — Retaining a Broker/Consultant
Plan fiduciaries often rely heavily on the advice of brokers and consultants in selecting TPAs. The administration of group health plans involves specialized expertise, and consultants are uniquely positioned to understand the intricacies of healthcare delivery and have a broader view of the market trends. When engaging a broker/consultant, plan fiduciaries should evaluate:
- The broker/consultant’s experience with plans of a similar size and benefit structure;
- Fees (e.g., commissions, overrides, and other incentives); and
- The broker/consultant’s willingness to disclose and restrict potential conflicts of interest.
Step 2 — Conducting a Request for Proposal for TPAs
Once legal counsel is engaged and a broker/consultant is retained, the next step is to conduct a formal RFP for a TPA. The RFP process gives plan fiduciaries the opportunity to obtain detailed information from prospective TPAs so that the fiduciaries can compare responses and determine who would be appropriate for the plan.
To conduct a successful RFP, plan fiduciaries should:
- Have a full analysis of the plan’s claim history at the ready;
- Identify the most significant areas of spending, the programs that have failed to deliver value, and the programs that have added to cost savings, if any;
- Work with the broker/consultant and legal counsel to:
- Prepare a detailed questionnaire,
- Identify the contractual requirements,
- Analyze plan data (e.g., claims and spending), and
- Identify programs to include in the plan design and administration.
- Include either core contractual requirements in the RFP or attach a full draft contract as part of the RFP.
Ideally, the RFP process should start several months before the effective date of the new contract. Once RFPs are distributed and returned by prospective TPAs, the broker/consultant and legal counsel can assist the designated plan fiduciaries in evaluating the RFP responses. Typically, plan fiduciaries will evaluate each response and select two or three as finalists. The finalists are invited to present directly to the plan fiduciaries and to submit their best and final offers. After the finalist meetings, plan fiduciaries will select the winning TPA.
Step 3 — Contracting with the Selected TPA
Once a prospective TPA is selected, the contract should be negotiated immediately (including review of TPA-specific provisions and exhibits and financial terms and key provisions that have already been accepted during the RFP phase). These agreements are overwhelming in their sheer volume and contain highly technical provisions related to the administration of medical benefits. For designated plan fiduciaries, it is key to have legal counsel review and provide comments at least a few months before services are to commence. If the contract negotiation process starts too close to the service start date, plan fiduciaries will have little leverage to negotiate favorable terms.
As noted above, the contract itself is highly technical and contains numerous terms and conditions. Set forth below is a non-exhaustive list of contractual terms that plan fiduciaries should incorporate into the contract with the assistance of legal counsel.
Fiduciary Status and the Standard of Care.
TPAs that process claims and appeals must acknowledge their fiduciary status in the agreement. The roles of the TPA, the claims administrator, the plan sponsor, and the plan administrator need to be clearly outlined in the agreement. TPAs often attempt to disclaim or limit any potential fiduciary status. Whether or not these disclaimers are enforceable is outside the scope of this article, but plan fiduciaries should, at a minimum, seek to establish a standard of care that mirrors what would be required under ERISA’s fiduciary construct.
Right to Terminate.
These provisions address a plan sponsor’s right to terminate the contract before the expiration of the term for any reason and without a penalty. ERISA generally prohibits fiduciaries from entering into a contract that cannot be terminated without substantial penalties. It does not preclude fiduciaries from agreeing to the vendor’s recovery of investment costs. For example, often vendors do not charge an upfront fee for the initial implementation, hoping to recoup the investment over the term of the contract. Still, fiduciaries should ensure that the termination fee is reasonable.
Indemnification and Limits of Liability.
These are some of the most important provisions in an agreement. Often, dollar limits on a vendor’s liability for its failure to perform services in accordance with the agreed upon standard of care are set very low. Plan fiduciaries should negotiate a more reasonable limit. Although special or consequential damages are often excluded from indemnification, plan fiduciaries should negotiate carve-outs for particularly egregious acts and breaches of data security.
Confidentiality and Data Security.
With data security incidents becoming more prevalent and given the vast volume of sensitive information handled by health plans, confidentiality and data security become paramount. Involving an IT department in reviewing the data security provisions may be very helpful. Fiduciaries should remember that data security goes beyond protected health information that is typically covered by a business associate agreement.
TPAs should include specific performance guarantees and put part of their fees at risk when they underperform.
From time to time, plan sponsors require approval for a claim for services not otherwise covered by the plan. The contract should spell out the right of the plan sponsor to permit such processing abilities.
Access to Claims
Plan sponsors and administrators cannot adequately administer health plans and manage health spending and quality of services without access to claims information. Although a plan sponsor does not typically review claims data (other than in an aggregate form), the plan sponsor can (and should) engage vendors that perform analyses of trends and spending for the plan. TPAs have been reluctant to provide this access, and a spate of recent lawsuits reflects plan sponsors’ frustration with this lack of access to data. In fact, the Consolidated Appropriation Act, 2021 prohibits contracts from containing restrictions on a party’s access to de-identified claims information.
Hand in hand with access to data is a plan sponsor’s and administrator’s right to audit a TPA’s adherence to the terms of the contract and quality of services.
The TPA selection process can seem daunting, but it is a process that must be completed in accordance with ERISA fiduciary duties, including the duty of care. In the event of litigation alleging a breach of fiduciary duty, plan fiduciaries will be best served by producing evidence of a well-documented RFP process that was guided by an independent broker/consultant and legal counsel.
The health and welfare benefit space is a dynamic one, with fees and services rapidly changing over short periods of time. As such, the current best practice is to conduct an RFP process at least once every five years. In the interim, however, designated plan fiduciaries cannot simply let the plan run on autopilot. ERISA requires that plan fiduciaries monitor the activity of third-parties who have been delegated certain administrative functions. In our next alert in the Health & Welfare Plan Fiduciary Governance series, we will examine best practices for monitoring TPAs (including conducting plan audits).