October 13, 2011
By John Thornton, Executive Vice President
Sales & Marketing Amalgamated Family of Companies
Healthcare reform legislation, heightened emphasis on protecting individuals’ sensitive data and preventing data breaches, as well as the ongoing expectation of information access on a 365/24/7 basis via the Internet have all increased business’ requirements for their third-party administrators (TPA).
Knowing what you should expect from your TPA today in terms of service flexibility, leading-edge information technologies (IT) including web-based applications, robust reporting capabilities and branding support is the first step toward receiving “Best in Class” TPA services.
A TPA should be able to serve its clients as a one-stop resource. They should be capable of addressing all of their clients’ administrative needs, and assist them in accessing other valuable products and services such as medical stop loss insurance, medical case management, disease management, wellness programs, etc.
Flexibility and accommodating services are also essential qualities which should be expected from a TPA today. Again, there are many influences affecting businesses today – some unpredictable and uncontrollable like economic conditions or changing industry dynamics. Businesses need a partner that will be able to work with them and accommodate their specific and potentially fluctuating requirements (e.g., size of employees, influx of ethnic workers, aging workforce, etc.) As part of that ability, the TPA should be able to work with a wide range of funds and employers and not expect their clients to fit neatly into set categories. While many TPAs serve specific niches, beyond that factor where it may apply, it is still important that a TPA be able to meet each client’s unique requirements.
Today, having advanced Information Technology (IT) systems, reflecting the highest level of system security, is critical. The incidences of data breaches continue to rise along with the related penalties. While the TPA is liable, for example, for violations of HIPAA in accordance with the broader requirements of the HITECH Act, such violations do not serve an organization well in terms of the trust its employees or plan members have placed with it. Inquire about a TPA’s security measures and expecting the organization to have integrated technologies, from data encryption and authentication technologies to firewalls, antivirus, antispyware software, as well as effective data breach policies (e.g., authorized-only access to sensitive data, password-activated screens, regular enforcement of changing passwords, etc.).
Also relating to technology, it should go without saying that a TPA should be providing its clients with web-based self-service, providing employers and their employees, as well as fund administrators and their union members, access to their account information on a 365/24/7 basis.
Robust reporting capabilities are also key TPA service criteria. TPAs should be able to provide comprehensive reports in formats that are relevant to their clients. Reports should encompass advanced data metrics that clearly project an organization’s benefits and insurance program applications and utilization.
Last but not least, a TPA that is truly serving as a business partner will also recognize the importance of offering their clients a private label and/or co-branded service. As more organizations struggle to maintain positive employee/member relations, particularly during a challenging economic period where layoffs, reductions in compensation and benefits are unfortunate realities, reinforcing benefits through a branded offering can be very valuable. The brand should be reflected in everything from the self-service portion of the website to brochures and correspondence to plan members.
While a prudent and thorough evaluation of any TPA is essential, organizations following these initial guidelines are more likely to experience a positive, productive and long-term relationship with their TPA.