Skip to Main Content

insightsarticles

Debunking the myths of HIPAA: Five steps to better compliance

03.09.21

Read this if your organization has to comply with HIPAA.

We have been monitoring HHS Office for Civil Rights (OCR) settlements as part of the HIPAA Right of Access Initiative (16 settlements and counting) and want to dispel some myths about HIPAA enforcement. Myths can be scary. It would be pretty frightening to run into Bigfoot while taking a stroll through the woods, but sometimes myths have the opposite effect, and we become complacent, thinking Bigfoot will never sneak up behind us. He’s just a myth, right?

As we offer our top five HIPAA myths, we invite you to decide whether to address gaps in compliance now, or wait until you are in the middle of the woods, facing Bigfoot, and wondering what to do next.

Myth #1: OCR doesn’t target organizations like mine.

The prevailing wisdom has been that the Office for Civil Rights only pursues settlements with large organizations. As we review the types of organizations that have been targeted in the recent past, we find that they include social services/behavioral health organizations, more than one primary care practice, a psychiatric medical group practice, and a few hospital/health systems. With settlements ranging from $10,000 to $200,000 plus up to two years of monitoring by the OCR, can you really afford to take a chance?

Myth #2: I have privacy policies, procedures, and training protocols documented, so I’m all set if OCR comes calling.

Are you really all set? When did you last review your policies and procedures? Are you sure what your staff actually does is HIPAA compliant? If you don’t regularly review your policies and procedures and train your staff, can you really say you’re all set?

Myth #3: HIPAA gives me 30 days to respond to a patient request, so it’s ok to wait to respond.

Did you try to ship a package during the 2020 holiday season? If so, do you remember checking your tracking number daily to see if your gift was any closer to its destination? Now imagine it was your health records you were waiting for. Frustration builds, goodwill wanes, and you start looking for a higher authority to get involved. 

And beware: if proposed Privacy Rule changes to HIPAA are finalized, the period of time covered entities will have to fulfill patient requests will be reduced from 30 to 15 days.

Myth #4: If I ignore the problem, it will go away.

Right of Access settlement #10 dispels this myth: A medical group was approached by OCR to resolve a complaint in March 2019. Then again in April 2019. This issue was not resolved until October 2020. Now, in addition to a monetary settlement, the group’s Corrective Action Plan (CAP) will be monitored by the OCR for two years. That’s a lot of time, energy, and money that could have been better spent if they worked to resolve the complaint quickly.

Myth #5: OCR will give me a “get out of jail free” card during the pandemic.

As one of our co-workers said, “Just because they are looking aside does not mean they are looking away.” The most recent settlement we have seen to OCR’s Right of Access Initiative was announced February 10, 2021, showing that the initiative is still a priority despite the pandemic.

Are you ready to assess or improve your compliance with HIPAA Right of Access rules now? Contact me and I will help you keep OCR settlements at bay. 

Related Services

Consulting

Organizational and Governance

Related Professionals

Principals

BerryDunn experts and consultants

Read this if you use QuickBooks. 

Want to break up an estimate into multiple invoices? QuickBooks Online supports progress invoicing.

If you do large, multi-part projects for customers, you may not want to wait until absolutely everything is done before you send an invoice. This can be especially problematic when you have to purchase a lot of materials for a job that will eventually be billed to the customers.

QuickBooks Online has a solution for this: progress invoicing. Once you’ve had an estimate approved, you can split it into as many pieces as you need, sending partial invoices to your customer for products and services as you provide them, rather than waiting until the project is complete. If cash flow is a problem for you, this can be a very effective solution. You might be able to take on work that you otherwise couldn’t because you’ll be getting paid periodically.

Setup Required

Progress invoicing requires some special setup steps. First, you’ll need to see whether QuickBooks Online is prepared for the task. Click the gear icon in the upper right and select Account and settings under Your Company. Click the Sales tab and scroll down to Progress Invoicing. It may just say On to the right of Create multiple partial invoices from a single estimate. If it doesn’t, click the pencil icon to the right and turn it on. Then click Save and Done.

You’ll also have to choose a different template than the one you use for standard invoices. Click the gear icon and select Custom form styles. Click New style in the upper right and then click Invoice. Enter a new name for the template to replace My INVOICE Template, like Progress Invoice. Then click Dive in with a template or Change up the template under the Design tab. Select Airy new by clicking on it. This is the only template you can use for progress invoicing.

When you’re creating a template for your progress invoices, you’ll have to select Airy new.

Now, click on Edit print settings (or When in doubt, print it out). Make sure there’s no checkmark in the box in front of Fit printed form with pay stub in window envelope or Fit to window envelope. Then click on the Content tab. You’ll see a preview of the template (grayed out) to the right. Click the pencil icon in the middle section. Select the Show more activity options link at the bottom of the screen.

If you want to Group activity by (Day, Week, Month, or Type), check that box and select your preference. Go through the other options here and check or uncheck the boxes to meet your needs. Then click Done. You’ll see your new template in the list of Custom form styles.

QuickBooks Online allows you to designate one form style as the default. This is the form that will open when you create a new invoice or estimate template. If you plan to send a lot of progress invoices, you might want to make that the default. To do this, find your new template in the list on this page and click the down arrow next to Edit in the Action column. Click Make default. If you leave your standard invoice as the default, you can always switch when you’re creating an invoice by clicking the Customize button at the bottom of the screen.

Creating a Progress Invoice


You can see what your options are for your progress invoice.

Invoice and estimate forms in QuickBooks Online are very similar. The only major difference is that estimates contain a field for Expiration date. To start the process of progress invoicing, select an estimate that you want to bill that way. Click the Sales tab and select All Sales. Find your estimate and click on Create invoice in the Action column. A window like the one in the above image will appear.

You can bill a percentage of each line item or enter a custom amount for each line.  If you choose the latter, the invoice that opens will have zeroes in the Due column. You can alter the amount due for any of these by either a percentage or an amount and/or leave them at zero if you don’t want to bill a particular product or service. Either way, the Balance due will reflect your changes. When you’ve come to the last invoice for the project, you’ll check Remaining total of all lines.

Once you’ve chosen one of these options, click Create invoice. Double-check the form and then save it. You can now treat it as any other invoice. To see a list of your progress invoices, run the Estimates & Progress Invoicing Summary by Customer report.

As you can see, there are numerous steps involved in creating progress invoices. Each has to be done with precision, so the customer is billed the exact total amount due at the end. We can help you accomplish this. We’re also available to help with any other QuickBooks Online issues you have. Contact our Outsourced Accounting team to set up a consultation.

Article
How does progress invoicing work in QuickBooks Online?

Read this if you are a plan sponsor of employee benefit plans.

This article is the ninth in a series to help employee benefit plan fiduciaries better understand their responsibilities and manage the risks of non-compliance with Employee Retirement Income Security Act (ERISA) requirements. You can read the previous articles here

Employee benefit plan loan basics 

If your plan’s adoption agreement is set up to allow loans, participants can borrow against their account balance. Some participants may find this an attractive option as the interest they pay on the loan is returned to their retirement account as opposed to other loans where the interest is paid to the lender. 

Additionally, while interest is charged at the market rate, it may be lower than other options available to the participant, such as a credit card or other unsecured debt. Unlike hardship distributions, there are no restrictions on the circumstances under which a participant may take a loan. A potential downside is that if the borrower defaults on the loan or ends their employment and cannot repay the loan in full, it converts from a loan to a deemed distribution, potentially incurring taxes and penalties.

If a participant decides that an employee benefit plan loan is their best option, they will apply for the loan through your plan administrator. Loans are limited in both size and quantity. Participants may take loans up to 50% of their vested account balance with a maximum loan of $50,000. The provisions of a plan determine how many loans an employee may have at once; however, the combined loan balances cannot exceed 50% of the employee’s vested balance or $50,000. Furthermore, the $50,000 loan maximum must also consider payments made on loans within the previous 12 months.

Repayment of employee benefit plan loans

Repayment of employee benefit plan loans may be done through after tax payroll contributions, making it a relatively easy process for the participant. If a plan sponsor elects to provide this repayment option, they must ensure that repayments are remitted to the plan in a timely manner, just as they must with other employee funded contributions. The term of the loan is typically limited to five years and must be repaid in at least quarterly installments. However, a loan can be extended to as long as thirty years if specified within the plan’s loan policy. If the loan term is for longer than five years, the loan proceeds must be used to purchase a primary residence.

Like any source of debt, there are pros and cons to taking out an employee benefit plan loan, and it remains an important option for participants to understand. The benefits include the ease of applying for such a loan and loan interest that is then added to the participant’s retirement account balance. Potential pitfalls include lost earnings during the loan period and the risk of the loan becoming a deemed distribution if the participant is unable to repay within the allotted time. 

If you would like more information, or have specific questions about your specific situation, please contact our Employee Benefits Audit team.

Article
Retirement plan loans: A brief review

Read this if you have a blended workforce with both in-office employees and remote workers.

It is hard to believe it has been nearly a year and a half since we started our remote work journey. At the time, many thought the move to working remotely would be short term. Then, a couple of weeks turned into a month, a month into another month, another month into a year and, some employers are now finally considering re-opening their offices.

Back in April 2020, we provided some internal control challenges, and potential solutions, faced by working in a remote environment. These challenges included exercising appropriate tone at the top, maintaining appropriate segregation of duties, and ensuring timely review, amongst others. Although these challenges still exist, there are new considerations to address as we transition into (hopefully) a post-pandemic world.

Blended workforces

As we mentioned in that article, since people have now been forced to work in a remote environment, they will be more apt to continue to do so. For some employees, the perks of ditching that long commute outweighs the free coffee they receive in the office. Employers have a decision to make—do we allow our employees the option to continue to work from home or, do we require employees to work from the office, as was standard pre-pandemic? Now that employees have exhibited the ability to work from home efficiently and effectively, it may be difficult to move all employees back into the office. Requiring all employees to return to the office could result in employees seeking employment elsewhere, and the option to work remotely is a selling point for many recruiters. Furthermore, disallowing remote work could cause employees to feel distrusted or undervalued, possibly leading to less efficient and effective work.

However, remote work comes with many challenges. Although video chat has been instrumental in navigating the remote work environment, it still has limitations. Nothing can beat in-person conversations and the relationships they help build. Nearly every video chat has a purpose, and unfortunately, you can’t just “run” into somebody in a video chat as you can in the office. Building camaraderie and instilling your company’s culture is difficult in a remote environment. And, if your workforce is blended, with some working in the office while others work remotely, building culture may be even more difficult than if your entire workforce was remote. Employees in the office may be less apt to communicate with remote colleagues. If you have a task you wish to delegate, you may think of giving the assignment to someone in the office prior to thinking of your remote co-workers that may be just as able and willing to complete the assignment. It will be important to ensure all employees are provided with equal opportunities, no matter of where they work.

Remote work policy

Regardless of your company’s decision to allow employees to work remotely or not, we recommend developing a remote work policy addressing expected behaviors. When developing such a policy, consider:

  •  Will the policy’s provisions apply to the entire company or will there be different provisions by department? If the latter, consider what the implications may be on employee morale.
  • Will there be a minimum amount of days per week that must be spent in the office?
  • If employees are allowed to work remotely, do they need to work a set schedule or can the frequency, and which days they work remotely, change from week to week?
  • Who should the employee communicate their decision to? How will this information then be shared company-wide?
  • How do remote employees address document destruction? If they are handling sensitive and confidential documents, how should they dispose of these documents?
  • Similarly, what are the expectations for protecting sensitive and confidential information at home?
  • Are employees allowed to hook up company-provided equipment to personal devices, such as personal printers?
  • If an employee is customer/client facing, what are the expectations for dress code and backgrounds for video chat meetings?
  • What will staff development look like for individuals working remotely? Alternatively, what will their involvement look like in onboarding/developing new employees?
  • What are the expectations for meetings? Will all meetings be set up in a manner that accommodates in-person and remote attendees? Are there meetings where in-person attendance is mandatory?

The importance of these considerations will likely differ from company to company. Some of these considerations may be addressed in other, already existing policies.

Are your internal controls “blended workforce” ready?

If your company plans to allow employees to work remotely, you will need to assess if your internal controls make sense for both in-office and remote employees. Typically, internal controls are written in a manner irrespective of where the employee resides. However, there may be situations that require an internal control be re-worked to accommodate in-office and remote employees. For instance, do you have an internal control that references a specific report that can only be run in-office? If the control owner plans to transition to a hybrid work schedule, does the frequency of the internal control need to change to reflect the employee’s new schedule? Alternatively, does it make sense to transition this internal control to someone else that will be in the office more frequently?

Internal control accommodations

The transition to a remote environment was expeditious and many thought the remote environment would be over quickly. As a result, there may have been modifications to internal controls that were made out of necessity, although they were not ideal from an internal control standpoint. The rationale for these accommodations may have been the expectation that the remote environment would be short-lived. Although these accommodations may have made sense for a short amount of time, and posed little to no additional risk to your company, the longer these accommodations remained in effect, the greater the chance for unintended consequences. 

We recommend reviewing your internal controls and creating a log of any internal control accommodations that were made due to the pandemic. Some of these modifications may continue to make sense and, after operating under the new internal control for an extended period of time, may even be preferable to the previous internal control. However, for those modifications that do appear to have increased control risk, control owners should assess if the length of the pandemic could have resulted in inadequately designed internal controls. And, if so, what could the consequences of these poorly designed internal controls have been to the company?

Internal control vs. process

While reviewing your company’s internal controls, it will also be a good time to ensure your internal control descriptions actually describe an internal control rather than simply a process. Although having well-documented processes for your company’s various transaction cycles is important, a good internal control description should already incorporate the process within it. Think of your internal control descriptions as writing a story—the “process” provides background information on the characters and setting, while the “internal control” is the story’s plot.

For example: The Accounting Manager downloads the market values from the investment portfolio accounting system and enters the market values into the general ledger on a monthly basis. Once the journal entry is entered, the Accounting Manager provides the market value report and a copy of the journal entry to the Controller.

Although a savvy reader may be able to identify where the internal control points are within this process, it could easily be modified to explicitly include discussion of the actual internal controls. The text in bold below represents modifications to the original:

The Accounting Manager downloads the market values from the investment portfolio accounting system and enters the market values into the general ledger on a monthly basis. Once the journal entry is entered, the Accounting Manager provides the market value report and a copy of the journal entry to the Controller via email. This email serves as documentation of preparation of the journal entry by the Accounting Manager. The Controller then reviews the market value report against the journal entry for accuracy. Once approved, the Controller posts the journal entry and replies to the email to indicate their review and approval. The Accounting Manager saves the email chain as auditable evidence.

The text additions in bold font help provide a complete story. A new employee could easily read this description and understand what they need to do, and how to appropriately document it. Most importantly, the internal control is both in-office and remote environment friendly.

Transitioning back to the office has resulted in a mixture of excitement and anxiety. Routine office norms, such as shaking hands and having a spontaneous meeting over a cup of coffee need to be relearned. Likewise, policies and internal controls need to be revisited to address the changing landscape. The more proactive your company can be, the better positioned it will be to accommodate its employees’ demands, while also maximizing the effectiveness of its internal controls. Please contact David Stone or Dan Vogt if any questions arise.

Article
May the "blended workforce be with you": Policy and internal control considerations for a new era

Read this if you are a plan sponsor of employee benefit plans.

This article is the eighth in a series to help employee benefit plan fiduciaries better understand their responsibilities and manage the risks of non-compliance with Employee Retirement Income Security Act (ERISA) requirements. You can read the previous articles here

The Department of Labor regulations regarding service provider fee disclosures clarify that plan fiduciaries are responsible for assessing the reasonableness of fees charged to plans in relation to services performed. 

Before a plan fiduciary is able to assess the reasonableness of plan fees, the fiduciary has to receive required fee disclosures from their covered service provider. A covered service provider is considered a party that enters into an agreement with a covered plan to provide certain services. The range of services provided generally include recordkeeping services, investment adviser services, accounting services, auditing services, actuarial services, appraisals, banking, consulting, legal services, third party administration services, or valuation services provided to the plan.

In general, the covered service providers are required to provide the plan fiduciary a disclosure of the following information:

  • All expected services and fees, and
  • All direct and indirect compensation
    • Direct compensation are fees paid to the service providers from the plan
    • Indirect compensation are fees paid to the service providers from sources other than the plan, the plan sponsor, the covered service provider, or an affiliate 

Once the service provider fee disclosures are received, the responsible plan fiduciary must assess the reasonableness of the fees in relation to the services provided. There are numerous ways a plan fiduciary can determine if the fees are reasonable. The following are some of the most common ways to determine if the plan expenses are reasonable:

  • Complete a Request for Proposal (RFP) or Request for Information (RFI) process that compares at least two vendors.
  • Complete a plan “benchmarking” project. The responsible plan fiduciary can have an independent organization compare the fees charged to the plan to plans of similar size and characteristics. Failure to determine the reasonableness of the fees charged can result in a prohibited transaction. The responsible plan fiduciary should determine and document whether the fees are reasonable. Documentation should also include the steps taken to make this determination.

It is important to remember that failure to assess the reasonableness of the service provider fees can result in a prohibited transaction. Documentation of the assessment process, including steps taken to make a determination on fee reasonableness, is the best way to avoid having a prohibited transaction.

If you have any questions while assessing your service providers’ fees, please contact our Employee Benefits Audit team.
 

Article
Service provider fee disclosures: Understanding the process

Read this if you are an organization that received federal funding subject to the Uniform Guidance. 

We are excited to announce the OMB released the 2021 Compliance Supplement late last week. This long-awaited release is effective for audits of fiscal years beginning after June 30, 2020 and supersedes the 2020 supplement and subsequent addendum. We are continuing to evaluate the changes to the supplement, but a few things to note from our early look:

  • There will be an addendum to this supplement, to address certain COVID-related relief funding with changing regulations that were not in place in time for this supplement. 
  • Good news for higher education: Part 4 of the supplement related to the Higher Education Emergency Relief Funds (within assistance listing 84.425, section 2) is not expected to be amended by the addendum.
  • The supplement is making the formal shift away from the “Catalog of Federal Domestic Assistance” (or CFDA) language to the term “Assistance Listing” in describing the number used for each program.
  • To evaluate the changes in the supplement from the prior year, consider checking out the Matrix of Compliance Requirements in Part 2 and Appendix V.

The timing for the release of the anticipated addendum has not yet been confirmed, but your audit teams are excited to get started with the new supplement. If you have any questions or need help making sense of it all, contact our Single Audit team. We’re here to help.

Article
OMB 2021 compliance supplement released

Read this if you are a small retailer in Massachusetts.

If you are a small retailer in Massachusetts, it’s likely you are already making efforts to prepare for the upcoming sales tax holiday that’s set to occur on August 14 and 15. Perhaps you have been advertising the savings to your customers, in an effort to generate more foot traffic, or putting additional signage on your door, next to your register, or on the cash wrap.  

All good steps to take, and another essential step is to educate your staff on the additional measures that need to be taken to ensure all generated sales are recorded properly.  

Larger retailers have the ability to program these types of events into their point-of-sale systems, including assigning dates and times of the promotion, types of products effected, and many more. This is nothing new for your local box store, for example. However, for the small retailer, this type of event requires much more manual intervention.  

Small retailer approaches, tips, and tricks

Turning sales tax on and off for your complete inventory is easy for most POS systems. But what if only some of the products you offer are eligible for the sales tax exemption? What is the best approach to take?

For the platform that offers inventory file uploads, a wise approach would be to export your current inventory list, adjust the sales tax as needed in Excel, and then import the new file back into the system. This will ensure the appropriate sales tax is captured for the holiday weekend. Don’t forget to do this once more, after the sales tax reprieve has ended.  

Overriding your products individually as a sale occurs may also be necessary for some POS systems. This option will require your sales associates to intervene on each individual transaction. There is great potential for increased human error, particularly in a fast-paced retail environment.  

Making a list and checking it twice

Another good idea to reduce your chance of errors is to meet with your employees at the start of each applicable shift and remind them of the sales tax holiday. Simple but effective, as is adding a simple note to your register. This can offer an additional layer of accountability.

Any sales tax collected in error during this holiday weekend will require payment to the Mass DOR, which will need to be reported on your sales tax return. If a customer discovers they paid unnecessary sales tax during the tax holiday weekend the retailer will be required to refund the customer for the tax collected. In turn, an amended sales tax return will need to be filed, for the month in question. 

When it comes time to reconcile your sales tax for the month of August, you can expect to see a bump in the exempt sales tax you will be required to report. Setting a reminder about the infrequent holiday event on your calendar can speed up your reconciliation process. Again, by writing a quick little note to remind you that you will see unusual activity could alleviate the need for any undue research.

If you have any questions about the upcoming tax holiday, please don’t hesitate to contact our Outsourced Accounting team. We’re here to help.
 

Article
Massachusetts annual sales tax holiday: Small retailer considerations

Read this if you are a plan sponsor of employee benefit plans.

This article is the seventh in a series to help employee benefit plan fiduciaries better understand their responsibilities and manage the risks of non-compliance with Employee Retirement Income Security Act (ERISA) requirements. You can read the previous articles here.

The COVID-19 pandemic has challenged individuals and organizations to continue operating during a time where face-to-face interaction may not be plausible, and access to organizational resources may be restricted. However, life has not stopped, and participants in your employee benefit plan may continue to make important decisions based on their financial needs. 

To help you prepare for a potential IRS examination, we’ve listed some requirements for participants to receive Required Minimum Distributions (RMD), hardship distributions, and coronavirus-related distributions, recommendations of actions you can perform, and documentation to retain as added internal controls. 

Required Minimum Distributions

Recently, the IRS issued a memo regarding missing participants, beneficiaries, and RMDs for 403(b) plans. If an employee benefit plan is subject to the RMD rules of Code Section 401(a)(9), then distributions of a participant’s accrued benefits must commence April 1 of the calendar year following the later of 1) the participant attaining age 70½ or 2) the participant’s severance from employment. Under the Coronavirus Aid, Relief, and Economic Security (CARES) Act of 2020, RMDs was temporarily waived for retirement plans for 2020. This change applied to defined contribution plans, such as 401(k), 403(b), 457(b) plans and IRAs. 

In addition, RMDs were waived for IRA owners who turned 70½ in 2019 and were required to take an RMD by April 1, 2020 and have not yet done so. Do note the waiver will not alter a participant’s required beginning date for purposes of applying the minimum distribution rules in future periods. Although you may be applying this waiver during 2020, it is important you prepare to make RMDs once the waiver period ends by verifying participants eligible to receive RMDs are not “missing.”

There are instances in which plans have been unable to make distributions to a terminated participant due to an inability to locate the participant. In this situation, the responsible plan fiduciary should take the following actions in applying the RMD rules:

  1. Search the plan and any related plan, sponsor and publicly available records and/or directories for alternative contact information;
  2. Use any of the following search methods to locate the participant: a commercial locator service, a credit reporting agency, or a proprietary internet search tool for locating individuals; and
  3. Attempt to initiate contact via certified mail sent to the participant’s last known mailing address, and/or through any other appropriate means for any known address(es) or contact information, including email addresses and telephone numbers.

If the plan is selected for audit by the IRS and the above actions have been taken and documented by the plan, the IRS instructs employee plan examiners not to challenge the plan for violation of the RMD rules. If the plan is unable to demonstrate that the above actions have been taken, the employee plan examiners may challenge the plan for violation of the RMD rules.

We typically recommend management review plan records to determine which participants have attained age 70½. Based on the guidelines outlined above, we recommend plans document the actions they have taken to contact these participants and/or their beneficiaries.

Hardship distribution rules

A common issue we identify during our employee benefit plan audits is that the rules for hardship distributions are not always followed by the plan sponsor. If the plan allows hardship withdrawals, they should only be provided if (1) the withdrawal is due to an immediate and heavy financial need, (2) the withdrawal must be necessary to satisfy the need (you have no other funds or ways to meet the need), and (3) the withdrawal must not exceed the amount needed. You may have noted we did not add the plan participant must have first obtained all distribution or nontaxable loans available under the plan to the list of requirements above. This is due to the recently enacted Bipartisan Budget Act of 2018 (the Act), which removed the requirement to obtain available plan loans prior to requesting a hardship. Thus, the removal of this requirement may increase the number of eligible participants to receive hardship withdrawals, if the three requirements noted are satisfied. The plan sponsor should maintain documentation the requirements for the hardship withdrawal have been met before issuing the hardship withdrawal.

The IRS considers the following as acceptable reasons for a hardship withdrawal:

  1. Un-reimbursed medical expenses for the employee, the employee’s spouse, dependents or beneficiary.
  2. Purchase of an employee's principal residence.
  3. Payment of college tuition and related educational costs such as room and board for the next 12 months for the employee, the employee’s spouse, dependents, beneficiary, or children who are no longer dependents.
  4. Payments necessary to prevent eviction of the employee from his/her home, or foreclosure on the mortgage of the principal residence.
  5. For funeral expenses for the employee, the employee’s spouse, children, dependents or beneficiary.
  6. Certain expenses for the repair of damage to the employee's principal residence.
  7. Expenses and losses incurred by the employee as a result of a disaster declared by the Federal Emergency Management Agency (FEMA), provided that the employee’s principal residence or principal place of employment at the time of the disaster was located in an area designated by FEMA for individual assistance with respect to the disaster.

Prior to the enactment of the Act, once a hardship withdrawal was taken, the plan participant would not be allowed to contribute to the plan for six months following the withdrawal. The Act repealed the six-month suspension of elective deferrals, thus plan participants are allowed to continue making contributions to the plan in the pay period following the hardship withdrawal. Prior to the Act we had seen instances where the plan participant was allowed to continue making contributions after the hardship withdrawal was taken. Now we would expect participants who received a hardship distribution to continue making elective deferrals following receipt of the distribution.

Coronavirus-related distributions

Under section 2202 of the CARES Act, qualified participants who are diagnosed with coronavirus, whose spouse or dependent is diagnosed with coronavirus, or who experience adverse financial consequences due to certain virus-related events including quarantine, furlough, or layoff, having hours reduced, or losing child care, are eligible to receive a coronavirus-related distribution. 

Distributions are considered coronavirus-related distributions if the participant or his/her spouse or dependent has experienced adverse effects noted above due to the coronavirus, the distributions do not exceed $100,000 in the aggregate, and the distributions were taken on or after January 1, 2020 and on or before December 30, 2020.  Such distributions are not subject to the 10% penalty tax under Internal Revenue Code (IRC) § 72(t), and participants have the option of including their distributions in income ratably over a three year period, or the entire amount, starting in the year the distribution was received. Such distributions are exempt from the IRC § 402(f) notice requirement, which explains rollover rules, as well as the effects of rolling a distribution to a qualifying IRA and the effects of not rolling it over. Also, participants can be exempt from owing federal taxes by repaying the coronavirus-related distribution. 

Participants receiving this distribution have a three-year window, starting on the distribution date, to contribute up to the full amount of the distribution to an eligible retirement plan as if the contribution were a timely rollover of an eligible rollover distribution. So, if a participant were to include the distribution amount ratably over the three-year period (2020 – 2022), and the full amount of the distribution was repaid to an eligible retirement plan in 2022, the participant may file amended federal income tax returns for 2020 and 2021 to claim a refund for taxes paid on the income included from the distributions, and the participant will not be required to include any amount in income in 2022. We recommend the plan sponsor maintain documentation supporting the participant was eligible to receive the coronavirus-related distribution. 

There is much uncertainty due to the current status of the COVID-19 pandemic, and this has forced many of our clients to review and alter their control environments to maintain effective operations. With this uncertainty comes changes to guidance and treatment of plan transactions. We have provided our current understanding of the guidance the IRS has provided for the treatment surrounding distributions, specifically RMDs, hardship distributions, and coronavirus-related distributions. If you and your team have any additional questions which may be specific to your organization or plan, an expert from our Employee Benefits Audit team will be gladly willing to assist you. 
 

Article
Defined contribution plan distributions: Considerations and recommendations