Taking Employee Wellness To The Limit

Taking Employee Wellness To The Limit

EEOC, HHS lay out the regulatory do’s and don’ts for workplace wellness programs.

I’m not an early adopter. It’s not that I’m risk-averse or afraid to take a chance. I just don’t have the time to work out all the bugs of the first version of anything. I’ll let the cool kids do that before they run to the next big thing. I’m happy to buy Version 2, which works better and will stick around a lot longer.

The EEOC’s guidance falls into four buckets: Programs, participation, incentives and health data.

  • First, the workplace wellness program itself “must be reasonably designed to promote health or prevent disease.” A program meets that standard if it has a “reasonable chance” of making workers healthier or keeping them from getting sick. That means it’s OK to ask employees to take health risk assessments or undergo biometric screenings to alert them to potential health problems. It’s also OK for employers to look at aggregated employee health data to identify common health problems and develop wellness interventions to address those problems.
  • Second, employee participation must be voluntary. That means you can’t require workers to participate, you can’t deny or limit health benefits to workers who don’t participate and you can’t punish, retaliate, intimidate, threaten, coerce or fire anyone who doesn’t participate.
  • Third, employers can incent employees to participate or penalize those who don’t (or who don’t meet certain health goals). But the incentives or penalties are limited to 30 percent of the total cost (combined employer and employee contribution) of providing health benefits to the individual. So if the total cost is $10,000, then the maximum reward or penalty would be $3,000.
  • And fourth, employers must tell workers in advance what medical information will be collected, how it will be used, who has access to it and how it will be protected. Employers are required to protect the confidentiality of employee health data and can only collect it in aggregate form. The EEOC suggests that company individuals who handle the employee health data not be in positions responsible for making employment decisions.

The second piece of legal guidance comes from the U.S. Department of Health and Human Services, which is charged with enforcing compliance with HIPAA. HIPAA is the federal law that defines “protected health information” (PHI), who has to protect it, how it has to be protected and what happens to those who don’t. In a two-page policy clarification, HHS explained when HIPAA applies to workplace wellness programs and when it doesn’t (1.usa.gov/1DPHI9q).

In short, if an employer offers employees a workplace wellness program as part of a group health insurance plan, the health data collected as part of that program is considered PHI, and the plan and the employer administering the plan are subject to HIPAA. If the wellness program is not part of a group health insurance plan and is administered by the employer directly, the health data is not considered PHI, and the employer is not subject to HIPAA.

HHS guidance stands as is. The EEOC proposed rules are not final, but in an explanatory document accompanying the rules, the agency says you should follow them anyway (1.usa.gov/1P3ykCV). I think it’s safe to follow the workplace wellness early adopters into the pool now.

David Burda (@davidrburda, dburda@msp-c.com) is editorial director, health care strategies, for MSP-C, where he serves as the chief health care content strategist and health care subject matter expert.

Short Take

Speaking of early adopters, it seems that mid-size employers are the business segment driving the initial wave of interest in private health insurance exchanges. That’s according to a report from Accenture, the Chicago-based management consulting firm (bit.ly/1FumFWT). The report said the number of employees who receive their health benefits through a private exchange doubled this year to 6 million, from 3 million in 2014. To date, large employers, which Accenture defined as having more than 2,500, have shied away from private exchanges because big companies traditionally don’t want to be first, the benefits packages available through exchanges didn’t mirror what big companies currently offer workers and the exchanges themselves didn’t have the enrollment capacity anyway. Accenture predicted that the situation will change, and change fairly quickly. As any lingering regulatory concerns dissipate, the exchanges’ coverage capacity and offerings expand and smaller companies boast of the cost savings they’re enjoying from using exchanges for their group coverage, big companies will join in the fun. Accenture projects that private exchange enrollment will double again to 12 million employees in 2016, then more than triple to 40 million in 2018. This will be fascinating to watch.


Forgive me for staying on this patient safety jag, but it’s important. You already know this if one of your employees came back from the hospital or doctor in worse shape than when they went in. In the May column, we talked about employers’ responsibility to steer workers to the safest hospitals and doctors possible (bit.ly/1OAg872). We listed some national resources available to employers to help them do that. In the June column, we followed up with a list of three Minnesota-specific patient safety resources available to employers in the state (bit.ly/1QggeMN). The Leapfrog Group, a national organization that I mentioned in the May column, just released its latest hospital-specific safety grades for 2,523 hospitals. Less than a third got an A. Of the 39 Minnesota hospitals in the mix, 13, or a third, got an A (see “Passing Grades” chart). That’s better than the national average and good enough to place Minnesota 12th on the group’s ranking of states with the safest hospitals. That’s helpful if you send your employees to one of the 39 hospitals that voluntarily participate in the Leapfrog patient safety survey process. That’s not helpful if you send your employees to one of the other 104 hospitals in the state. As an employer, you should ask your hospital what their Leapfrog Group patient safety grade is. And if they don’t participate in the program, you should ask them why not.

Related Stories