When the affordability threshold for group health plans is adjusted for inflation under the Affordable Care Act (ACA), it provides employers with a little leeway when it comes to figuring out premium contributions. Even when the affordability threshold goes up, employers still want to make sure they offer an affordable plan to avoid penalties.
Know the employer affordability threshold changes for 2019
Here’s how the IRS’s Revenue Procedure 2018-34 breaks down 2019’s employer shared responsibility (ESR) affordability percentage:
Capability is when an employee is unable to attain expected standards of performance due to a lack of skill, health, ability, training etc. Conduct relates to a person’s behaviour at work not reaching the required standards. The key difference is the level of control an employee has over the situation. When it relates to capability, the. Capabilities will also enable collision avoidance protection for new user classes, including small, general-aviation air-craft that are not currently equipped with TCAS 5. ACAS X represents a major revolution in how the advisory logic is generated and represented. Instead of using ad hoc rule-based pseudocode, ACAS X repre. The Acas statutory Code of Practice on discipline and grievance is set out at paragraphs 1 to 47 on the following pages. It provides basic practical guidance to employers, employees and their representatives and sets out principles for handling disciplinary and grievance situations in the workplace.
- To satisfy the requirement of being affordable, an employer’s lowest-cost, self-only coverage option must not exceed 9.86% of an employee's household income. This is a slight rise from 9.56% in 2018.
- If an employer chooses to use the federal poverty level (FPL) “safe harbor” option to determine affordability, then an employee’s premium payment cannot exceed $99.75/month. This is up from $96.08/month in 2018. (More on this below.)
What does this mean for you and your workers?
The affordability threshold represents the highest percentage of household income that you, as an employer, can require an employee to pay for a monthly plan premium for the plan to be affordable. This figure is based on the least-expensive, self-only plan you offer that meets the ACA’s minimum essential coverage requirements that provides minimum value.
In short, you control whether your plans align with the affordability threshold. With the 2019 increase, you can effectively increase the price of health insurance, while still providing your employees with affordable coverage options.
Many employers rely on affordability safe harbors to make sure that they price at least one plan below the threshold, and avoid triggering any employer-shared responsibility penalties.
What are safe harbors?
The ACA created safe harbors as a workaround for employers. That’s because businesses and organizations don’t know the full household incomes for their employees.
Safe harbors include:
- Form W-2 safe harbor, based on an employee's W-2 wages, as reported in box 1.
- Rate of pay safe harbor, based generally on the employee's rate of pay (hourly wage rate multiplied by 130 hours per month) as of the first day of the plan year or the employee’s lowest hourly rate of pay during the month.
- Federal poverty line safe harbor, based on the FPL for a single individual. For many employers, using the FPL safe harbor for self-only coverage can simplify ACA reporting, and coding form 1095-C.
While these details are essential, they can also be time-consuming for a plan administrator. That’s why many businesses and organizations rely on benefits administration software that provides employee analysis services designed to help comply with the shared responsibility provisions of the ACA.
How does your benefits administration software help simplify ACA reporting?
If you had an average of 50 or more full-time employees, including full-time equivalent (FTE) employees, during the prior year, make sure your benefits administration software helps you stay ACA compliant. BeneTrac provides a suite of tools and services to help you stay compliant year-to-year, even when changes happen. Request a demo, and learn more.
Request your demoComply with the ACA affordability threshold limits
Addressing ESR provisions can be difficult, especially when it comes to tracking your full-time and full-time equivalent (FTE) employee count, and complying with the ACA’s reporting requirements. Challenges you might face include the following:
- Determining the number of full-time and FTE employees you have from among your full-time, part-time, and seasonal staff.
- Testing your coverage to make sure it meets minimum value standards (defined by ESR provisions), and is “affordable” according to wage data.
- Tracking hours during specific periods, as outlined in the ACA’s provisions.
- Managing changes in eligibility, especially when part-time/full-time status might fluctuate for certain employees.
As your dedicated benefits administration solution, BeneTrac’s employee analysis service can help you prepare for, and comply with the ESR provisions of the ACA.
- Employee-hour look-back tools help you plan and determine if the coverage you offer is adequate and affordable, as defined by the ESR provisions. And an on-demand look-back report can help you identify and manage eligibility changes.
- Modeling capabilities can help you determine the impact of different measurement periods for tracking hours that employees work.
- Meanwhile, you can generate a customized workflow in order to offer full-time employees and their dependents coverage per ESR provisions.
In addition, BeneTrac’s Coverage Adequacy Service provides an additional layer of support that can help meet coverage adequacy standards through reporting.
If you are an applicable large employer (at least 50 FTEs), you must make the choice between one of the following:
- Offer adequate and affordable coverage to your full-time employees and their dependents, not including spouses, or
- Potentially be assessed a shared responsibility payment to the government.
- With BeneTrac, you can:
- Test your current coverage for minimum essential coverage, and minimum actuarial value.
- Assess affordability, using the three affordability safe harbors, to compare your current health coverage against your FTEs wage data.
BeneTrac’s proactive tools and services help you meet the coverage adequacy standards, and more.
Don’t let worrying about details keep you from offering your employees health benefits that makes them feel good about where they work. We’ll help make sure your benefits picture is ACA-compliant with a suite of tools and services built around planning, preparing, and delivering benefits that matter to your people.
With BeneTrac supporting the benefits administration side of business, you can take a number of steps toward making health benefits a larger part of your organizational strategy—including recruiting efforts, retention, internal communications, and complying with state and federal laws. Contact a BeneTrac representative to learn more.
Contact UsSince the Defense Information Systems Agency (DISA) began implementing its internal vulnerability management continuous monitoring security program – Assured Compliance Assessment Solution (ACAS) – officials who have worked closely with the solution have praised ACAS’s capabilities, from its continuous passive monitoring, to its dashboarding and prospects of scaling to the cloud.
DISA first issued ACAS’s program contract in 2012, but now that DISA has renewed the contract to maintain ACAS for another two years at the Department of Defense (DoD), the officials who have deployed and praised ACAS shared how DoD has reaped benefits from the program that it hasn’t seen before.
ACAS: The Background and Components
DISA awarded the ACAS contract to Perspecta – then HPES – in April 2012, and Tenable, Inc. has provided the software behind ACAS, which replaced Retina – the previous solution DoD used for its internal network security. Tenable’s software won out because it met DISA’s ACAS solution requirements for a fully integrated vulnerability assessment platform.
More specifically, Tenable’s solution provides continuous enterprise-wide visibility with both active and passive scanning by coupling two scanning applications. One is Nessus, which is not only compliant with Common Vulnerabilities and Exposures, but also DISA’s Security Technical Implementation Guidelines (STIGs).
The other application is the Nessus Network Monitor (NNM), previously named Passive Vulnerability Scanner (PVS), which monitors passive network traffic, new network hosts, and applications that are vulnerable to compromise. Supporting and controlling Nessus and NNM is Tenable.sc Continuous View, which collects scanner data and provides reports and a custom dashboard.
Launching ACAS: The Transition and Early Benefits
Industry professionals recently spoke about the steps they took in launching the solution, as well as the benefits they saw ACAS deliver to DoD.
NorthTide Solutions Architect Phillip Katzman has spent the last 10 years working with DoD and its cybersecurity mission, and he currently focuses on delivering ACAS services to the Army Intelligence Security Command (INSCOM). He said ACAS launched for mandatory use across the services in January 2014 after DoD spent two years designing, storyboarding, data analyzing, and testing operable capability. The benefits ACAS brought over the prior solution were clear, he said.
“Prior vulnerability management software solutions – they were not web-based, not data-based,” Katzman said. “You were running it from an application on a system that generates a file for you to look at. What the game changer was, especially with ACAS, is that they were able to take that and put it into a data-driven web application that’s accessible from anywhere at any time.”
Katzman added that the ACAS enterprise reporting and dashboard capability allowed DoD to customize how cybersecurity leadership could conduct scans and look at data sets, “slicing and dicing” them as requested. Kent Nemoto, ACAS System Administrator, who worked with Katzman in implementing ACAS at Army INSCOM, added that the customizable aspect of the dashboards makes the application flexible for users.
Nessus also proved to create less network “noise,” with minimal network impact in its scanning, which Katzman credits to the power of ACAS’s web-based capabilities.
Acas Capability Provides A Means For Example
“Previous solutions were really, really noisy on the network,” he said. “You could tell when accreditations or assessments were going on because of the sweeps on the network and it just made things unusable. … [Nessus’] integration, the ability to leverage it as a true modern web application. That’s the biggest differentiator.”
Acas Capability Provides A Means For Medical
The Army realized these benefits early in the capability testing phase of ACAS. Katzman said that when his team was working on the NNM launch at the U.S. Indo-Pacific Command (USINDOPAYCOM), NNM detected that a cleared defense contractor was issuing new emails to new employees on an HTTP – not a secure HTTPS – website and as a result was typing passwords in the clear. NNM detected that problem, allowing Katzman’s team to order a fix from the contractor.
“There were probably plenty of contracts, things that they had that were confidential logging on in a coffee shop or something,” Katzman said. “There’s no doubt in my mind that they were actually compromised. But that tool, something that we had just implemented as a test, really came out and instantly showed us that. That’s something that [DoD] still utilizes today.”
Acas Capability Provides A Means For Business
Long-Lasting Benefits for DoD
DISA renewed Tenable’s software license under the ACAS contract in December 2018 based on the success of the technology in the first seven-year contract, according to Chris Cleary, now a vice president of business development and strategy at Leidos and formerly a Tenable business development director who worked with DISA leading up to the contract recompete.
Cleary said DISA does “all things security – administrative-wise” for DoD, and ACAS’s structure has made the administrative portion of DISA’s work much easier.
“Under the ACAS program guidelines, point-in-time scanning is performed once a month and does a scan to find vulnerabilities in the enterprise and provides context that will help the operator correct those vulnerabilities,” Cleary said. “It rinses and repeats. It’s deliberate in this aspect and therefore mechanical in its implementation and execution.”
“In addition to this baseline scanning and reporting, an added value of Tenable’s solution is that NNM provides passive, continuous monitoring that goes beyond the ACAS program requirements and provides constant vigilance,” he added.
The scheduled scans and automated reports simplify the jobs of administrators and engineers within DoD, Katzman added. Rather than responding to requests for different reports, being able to focus on high-value aspects of their mission has improved the quality of their work.
“The solution is now able to automate many of those functions and features and the risk dashboard, especially with the ARCs – the assurance report cards – which is a newer feature that [ACAS] is building out,” Katzman said. “When we should be focusing on the mission, and developing and designing a system, now we get to do that. The solution gives us a lot of time.”
Creating efficiency for the tech workforce goes hand-in-hand with cost-savings ACAS has yielded.
Automating and simplifying administrative features of DoD’s vulnerability and risk management process has reduced the need to hire contractors and freed up DoD personnel who had spent their time doing lower value work, Katzman said. And ACAS has broken down siloed scanning and administration with its enterprise-wide scope, which has created more flexibility in expanding operations without piling on costs, he added.
Beyond labor and cost savings, Katzman emphasized the technological benefits ACAS has brought to DoD.
“The solution’s reporting capability is a critical game changer, particularly because reports can be tailored to different needs,” Katzman said, adding that the real-time components of ACAS are impressive and vital for DoD’s vulnerability management mission.
“The benefit is continuous monitoring, and what we’re really able to see in near real time,” Katzman said. “Asset and inventory management is extremely difficult and being able to see a large majority of your assets at any one time is excellent. That’s why there’s so many different complementary tools – the passive aspect of it, if you want to see things that aren’t quite talking all the time. Point-in-time scans are great, but the asset needs to be online for you to see that.”
ACAS’s Path Forward With DoD to Cloud Scalability
Although Cleary, Katzman, Nemoto, and others at DoD have touted the success and benefits of ACAS thus far, they also spoke about the future capabilities of the solution at the department and how scaling to the cloud is the next big step for ACAS.
Cleary said that ACAS is currently designed as an on-premise application, so it’s installed and can exclusively run on computers on the premises of those using the solution. As DoD continues migrating its servers onto cloud platforms, the ACAS program will need to evolve from on-prem and scale up to provide cloud-level security and scanning services.
“Once you can deploy or leverage Tenable to the cloud, scalability goes through the roof,” Cleary said.
Scaling ACAS to the cloud will also drive efficiency and the speed of the solution’s capabilities, according to Katzman. He said that taking the on-prem Nessus scanner to the cloud is the next step he sees for Tenable and DoD.
“As everything moves into the cloud – becomes smaller, microservices, containerization – we will need to see some on-prem version of a vulnerability scanner, data analysis that can be done on the fly in the cloud,” he said. “The cloud scalability is almost instantaneous, and at a snap with your fingers, you can spin 200,000 to 500,000 virtual machines.”
As DoD prepares to soon issue its Joint Enterprise Defense Infrastructure (JEDI) cloud contract, Katzman said JEDI looks to break down the siloed nature of each military service’s servers and networks. Since DoD can deploy Tenable.sc under ACAS at various levels so that it can report to one or more security center instances, ACAS can enable DoD leadership to have a greater view into and control over the total enterprise-wide IT assets and vulnerabilities compliances of the department.
Katzman said JEDI and other enterprise-wide cloud solutions therefore work well together with ACAS – which provides the flexibility and enterprise-wide capabilities that DoD needs in its internal vulnerability network monitoring, making the future of cloud migration at DoD and ACAS’s growth one that easily flies on the same trajectory.