Eligibility and Enrollment

As states apply Medicaid work requirements, policymakers and stakeholders must look past top-line enrollment projections to grasp the full scope of the impact. Experience shows that work requirements introduce administrative complexity, enrollment volatility, and financial ripple effects across Medicaid programs, health insurers/managed care organizations (MCOs), providers, and employers. 

For stakeholders evaluating potential implementation, the central question is not simply how many people will lose coverage, but rather: how will this policy reshape enrollment, risk pools, utilization, provider finances, and commercial insurance markets within a specific state? 

Answering that question requires state-specific actuarial modeling grounded in real-world experience. 

Medicaid work requirements: Lessons from early state experience 

Two states, Arkansas and Georgia, that have already implemented work requirements offer important insight. The experiences in these states have highlighted the following themes:^1,2 

• Administrative complexity materially impacts state budgets and decreases Medicaid enrollment. 
• Coverage losses were primarily driven by verification and administrative hurdles instead of actual noncompliance. 
• Labor market impacts may be limited as there has been no evidence that the requirements led to sustained increases in employment.  

Expected impacts of Medicaid work requirements

The impact of these work requirements will vary by state but will likely include: 

• Loss of coverage due to administrative challenges rather than true ineligibility 
• Enrollment shifts by eligibility category and age group 
• Increased turnover frequency and coverage gap duration 
• Short-term increased utilization and severity of services due to delayed care during coverage loss 
• Longer-term acuity changes tied to interrupted care

Impacts across market segments 

Work requirements do not affect Medicaid agencies in isolation. The effects cascade through multiple stakeholders. 

State Medicaid Programs 

For Medicaid agencies, expansion adults may experience greater volatility in enrollment and average member cost. Turnover will be particularly consequential, and these interruptions in care create instability in both enrollment and expenditure projections. The effects will vary significantly by state due to differing demographics, labor markets, managed care penetration, and verification processes. Accurate forecasting requires custom modeling.  

MCOs 

For MCOs, work requirements can introduce risk pool and rate-setting challenges. Even modest increases in turnover can materially impact medical loss ratios, risk adjustment performance, and rate adequacy. Since every Medicaid program operates within a unique state environment, actuarial modeling must use state-specific data.  

Providers 

Providers, particularly safety-net hospitals and community clinics, may face critical challenges: lost Medicaid revenue, increased uncompensated care, and greater revenue cycle volatility. Providers experience increased financial pressure when coverage gaps move patient care out of primary clinics and into emergency rooms. A shift toward reactive, inpatient treatment disrupts care continuity and increases the volume of uncompensated services. Bespoke modeling could increase the accuracy of cost projections for providers based on their specific data and circumstances.  

Employers 

Work requirements may also affect employer-sponsored insurance (ESI), especially among small employers, as they historically have had a higher percentage of employees covered by Medicaid. Coverage gaps may worsen employee health status and increase absenteeism and turnover. There may be pressure to offer ESI to maintain workforce stability. Employers may be incentivized to look for defined contribution options for health insurance. There is also the potential for upward pressure on fully insured premiums due to hospital cost shifting and potential higher claim costs if individuals transitioning from Medicaid into ESI have higher unmet health needs. Large employers may be less impacted by employees’ losing coverage. However, there are still potential increases in claim costs tied to uncompensated care costs shifting into commercial healthcare costs and potentially higher claim costs for employees shifting from Medicaid. There is also potential labor market dynamics impact as health coverage becomes a larger share of total compensation, affecting hiring decisions, job quality, and worker mobility. 

Understanding these dynamics requires modeling not only Medicaid enrollment changes, but also downstream impacts on commercial insurance markets. 

Why bespoke actuarial modeling matters 

State Medicaid programs operate in vastly different environments with unique populations and managed care structures. Implementation choices create nuances, such as moving from monthly to quarterly reporting or utilizing automated wage verification, can significantly shift enrollment and costs.  

Our actuarial team builds customized models to account for these variables and provide more precise projections. During the COVID-19 Public Health Emergency (PHE), when service delivery patterns shifted dramatically, our actuaries built a specialized model to help each client adapt individual reimbursement strategies and monitor utilization trends, which was critical to maintaining the provider networks in the early stages of the PHE. 

The same disciplined, scenario-based approach applies to Medicaid work requirements. Bespoke modeling allows you to: 

• Model enrollment changes by category of aid and demographic segment 
• Quantify procedural disenrollment risk 
• Estimate turnover-related utilization volatility 
• Model potential health status deterioration due to coverage gaps 
• Assess impacts on capitation rates and commercial premiums 
• Support rate negotiations and policy decision-making 
• Evaluate employer benefit strategies, including fully insured options, level-funded plans, and defined contribution options like Individual Coverage HRAs (ICHRAs)

Most importantly, outcomes can fluctuate based on state-specific design and implementation capacity. This variation underscores the need for customized, state-level modeling rather than a reliance on broad national assumptions. 

Our work is grounded in state-specific data and operational realities. We prioritize cross-market financial dynamics to provide a precise and actionable analysis for each unique environment. 

Turning policy uncertainty into actionable insight 

Medicaid work requirements are more than an eligibility policy. They represent a structural shift with implications across public programs, managed care, provider finance, and employer-sponsored insurance. For stakeholders navigating this evolving landscape, robust and customized actuarial modeling is essential. By combining deep Medicaid experience with advanced customized modeling capabilities, our team helps clients move beyond uncertainty and provides clear data-driven insight into financial exposure, operational risk, and strategic opportunity. In an environment defined by policy change and market interconnectedness, precision matters. 

Key takeaways 

• Medicaid work requirements primarily reduce coverage through administrative barriers, not widespread noncompliance. 
• Enrollment volatility and coverage gaps create downstream effects on utilization, risk pools, and costs. 
• Early state experience shows limited employment gains, alongside meaningful disruption to Medicaid programs. 
• Impacts extend beyond Medicaid to MCOs, providers, employers, and commercial insurance markets. 
• State-specific actuarial modeling is essential to accurately forecast enrollment shifts, financial exposure, and cross‑market impacts.    

About BerryDunn 

Our team plays a key role in helping healthcare clients maintain financial stability by accurately assessing risks. Like our clients, who range from not-for-profit managed care organizations, risk-bearing provider systems, and group health insurance purchasers to state insurance regulators and government healthcare policy agencies, each of our solutions is unique. We embrace innovative, creative ideas to achieve the best possible results, and tailor our engagements to meet each client’s needs, providing the right services at the right time. Learn about our team and services.

References 

1. Arkansas study 5 Key Facts About Medicaid Work Requirements | KFF, Medicaid eligibility and enrollment in Arkansas 
2. Georgia study CMS’s Georgia Waiver Extension Underscores the Failure of Medicaid Work Requirements – Center For Children and Families 
3. State level cost/enrollment estimates Medicaid Cuts and the States: Tracking State-Specific Estimates of the Impacts of Proposed Changes 

Read this article if you are a compliance officer, risk manager, or healthcare administrator in an ambulatory care practice, federally qualified health center, or rural health center and have responsibility for developing your organization’s workplace violence prevention program or complying with state reporting requirements.

Did you know workplace violence is increasingly prevalent in the healthcare industry? If your organization doesn’t have a plan, it might be time to consider one. This article addresses the definition and types of workplace violence, regulations, plan elements, and other considerations. 

Workplace violence in healthcare by the numbers 

Data from the US Bureau of Labor Statistics shows that prior to the COVID-19 pandemic, the incidence rate of nonfatal workplace violence to full-time healthcare workers was 10.4 per 10,000 in comparison to an all-worker rate of 2.1 per 10,000. In 2018, healthcare workers accounted for 73% of all nonfatal workplace injuries and illnesses due to violence.

Post-pandemic, the Bureau of Labor Statistics reported that healthcare and social assistance workers experienced the highest counts and annualized incidence rates for workplace violence of any private industry sector over the two-year period from 2021 – 2022. There were 41,960 total nonfatal cases of workplace violence requiring days away from work, job restriction, or transfer in the healthcare and social assistance industry over this time, accounting for 72.8% of all cases in private industry over the two-year period. These cases occurred at an annualized incidence rate of 14.2 cases per 10,000 full-time workers.

How is workplace violence defined?  

In its 2024 Comprehensive Accreditation Manual for Behavioral Health Care and Human Services Glossary, The Joint Commission (TJC) defined workplace violence as, “Any act or threat occurring in the workplace that can include any of the following: 

• Verbal, nonverbal, written, or physical aggression 
• Threatening, intimidating, harassing, or humiliating words or actions 
• Bullying 
• Sabotage 
• Sexual harassment 
• Physical assaults 
• Other behaviors of concern involving staff, licensed practitioners, patients, or visitors”    

How is workplace violence classified? 

The Institute for Healthcare Improvement (IHI) is a leading, globally recognized, nonprofit healthcare improvement organization that has been applying evidence-based quality improvement methods to meet healthcare challenges for more than 30 years. In its Framework for Standardized Data Collection of Workplace Violence Incidents in Health Care, the IHI classifies workplace violence incidents into five distinct categories: 

• Type 1: The offender has no connection to the workplace or its employees. 
• Type 2: The offender is a customer or patient associated with the workplace or its staff. 
• Type 3: The offender is a current or former employee of the organization. 
• Type 4: The offender maintains a personal relationship with employees but has no ties to the workplace itself. 
• Type 5: Violence motivated by ideological, religious, or political beliefs targeting a healthcare facility, its personnel, or property. This type is carried out by extremists or groups driven by their convictions. 

Have you developed a workplace violence prevention program? 

Key aspects of your healthcare organization’s or practice group’s program should include: 

• Conducting an environmental risk assessment 
• Contacting local law enforcement to build or enhance relationships 
• Performing trend analysis of reported incidents by site, location on the premises, day of week/time of day, and classification type    
• Obtaining feedback from staff: What do they consider to be reportable? This will help you develop meaningful training
• Recognizing staff champions while building the program  
• Testing your reporting system 
• Providing staff training, soliciting anonymous feedback, and identifying any unresolved questions  
• Identifying program gaps and developing remediation strategies 
• Keeping executive leadership and the Board regularly informed about the program and emerging trends or needs 

Which states require employer-sponsored workplace violence prevention programs? 

Two factors have led states to establish requirements for healthcare organizations to develop workplace violence prevention programs. The first reason for state action: There has been no corresponding action by the federal Occupational Safety and Health Administration (OSHA). Secondly, the proposed Workplace Violence Prevention for Health Care and Social Service Workers Act has not been enacted by Congress.  

As of January 2026, 20 states require mandatory workplace violence prevention plans or workplace safety* plans. These are Arizona, California, Connecticut, Illinois, Hawai’i, Kentucky*, Louisiana, Maine*, Maryland, Minnesota, Nevada, New Hampshire, New Jersey, New York, Ohio, Oregon, Texas, Vermont, Virginia, and Washington. 

In addition, seven states now require mandatory reporting of workplace violence incidents to a designated state agency. These states are California, Connecticut, Maryland, Montana, North Carolina, Oregon, and West Virginia.

BerryDunn can help 

Has your healthcare organization developed a workplace violence prevention plan? If yes, has it been reviewed recently? How do you train your staff to respond when a situation escalates? How do you analyze incidents? Do you have questions about your healthcare organization’s compliance with state requirements for submitting its plan?  Does your state require you to submit incident reports to a designated state agency? 

Our healthcare compliance team can help. We incorporate deep, hands-on knowledge with industry best practices to help your organization manage compliance and revenue integrity risks. Learn more about BerryDunn’s healthcare compliance consulting team and services. 

Additional resources for workplace violence prevention planning: 

• Boord J., Weckman A., Martinez N. Framework for Standardized Data Collection of Workplace Violence Incidents in Health Care, Boston: Institute for Healthcare Improvement; 2025. (Available at ihi.org) 
• US Bureau of Labor Statistics: Injuries, illnesses, and fatalities

As we previously wrote about, on February 20, 2026, the US Supreme Court invalidated tariffs imposed under the International Emergency Economic Powers Act (IEEPA).

Last week, the US Customs and Border Protection (CBP) announced a new process that allows importers to request refunds of those tariffs. We'll walk through how to actually claim refunds, what to expect from the process, and where complications can arise.

About the CAPE tariff refund system

CBP’s new system, called CAPE (Consolidated Administration and Processing of Entries), is an added functionality accessed through the existing ACE (Automated Commercial Environment) Portal, which most importers already use for customs reporting.

How to request a tariff refund

To submit a refund claim, importers should take the following steps:

• Confirm that your importer information and ACE Portal account are active and up to date.
• Ensure you are enrolled in ACH Refund (required to receive refund payments).
• Note: If you do not already have an ACE Portal account, be aware that setting one up can take several weeks.

Refund requests are submitted by filing a CAPE Declaration in the ACE Portal. This declaration is a spreadsheet‑style (.CSV) file listing entries eligible for refunds of IEEPA tariffs. Each declaration can include up to 9,999 entries, with additional filings required for larger volumes. CBP provides guidance on how to prepare and submit this file.

Which imports qualify for tariff refunds?

At this time, refund claims are only available for:

• Unliquidated entries
• Entries liquidated within the past 80 days

Other types of entries are currently excluded from the CAPE process. CBP has indicated that future system expansion may allow for the submission of additional types of claims beyond the above. Importers are encouraged to consult with their customs broker or advisor(s) to determine whether any of their imports fall into excluded categories and whether additional steps are needed to protect refund claims.

How long does the refund process generally take?

Once a CAPE Declaration is submitted:

• The invalid IEEPA tariffs are removed.
• Duties are recalculated as if those tariffs never applied.
• Refunds including 6% interest are automatically calculated.
• Payments are made via ACH, generally within 60 – 90 days after acceptance of the CAPE Declaration.

How BerryDunn can help

Our dedicated audit, tax, and consulting professionals understand the impact of tariffs and can assist with developing strategies for refunds as they become available. Learn more about our team and services.

In today’s increasingly digital environment, cybersecurity has become a critical concern for nonprofit (NFP) organizations. While many NFPs operate with smaller teams and tight budgets, they still handle sensitive information—donor records, payment data, client demographics, and sometimes even health‑related or financial assistance files. Unfortunately, cybercriminals recognize this and often view NFPs as soft targets with valuable data. Because community trust is so important, a cybersecurity incident can create financial and reputational hurdles for an organization. The good news, however, is that strong cybersecurity safeguards do not always require major capital investments. With strategic planning and a focus on essential controls, even the most resource‑constrained organizations can significantly reduce cyber risk.

The cyber threat landscape for nonprofits 

NFPs face a wide variety of cyber threats, many of which exploit human error or outdated systems. Phishing attacks remain the most common, often leading to credential theft or unauthorized access to email accounts. Business Email Compromise (BEC) schemes, which can trick employees into sending fraudulent payments or sensitive data by impersonating trusted email addresses, can be particularly damaging for smaller organizations with smaller internal control structures. Beyond causing operational slowdowns, a breach can make donors and other stakeholders more cautious and raise understandable questions. 

Practical, low‑cost cybersecurity strategies 

Despite limited budgets, NFPs can meaningfully enhance their cybersecurity position by focusing on high‑impact, low‑cost strategies. 

Strengthening governance is a key first step. Establishing basic cybersecurity policies—such as acceptable use, password standards, and incident response—creates a foundation for consistent practices across employees and volunteers. Free frameworks, like the NIST Cybersecurity Framework resources, designed originally for government use, but applicable to many organizations, provide a helpful starting point, including a Quick Start Guide for small businesses.

Next, NFPs can maximize the value of technology they already own. Many cloud platforms commonly used in the sector, such as Microsoft 365 and Google Workspace, include built‑in security features at no extra cost. Enabling multifactor authentication (MFA), automatic software updates, and email filtering tools can significantly reduce the likelihood of a successful cyberattack. Removing unused accounts and reviewing permissions helps ensure attackers don't exploit dormant access. We recommend a formal user access review at least annually for small organizations and quarterly for medium-sized organizations or if there is higher turnover at a small NFP. 

Because many cyber incidents stem from unintentional mistakes, training is one of the most cost‑effective defenses. Free or low‑cost cybersecurity awareness programs can be incorporated into onboarding for staff and volunteers. Regular reminders about phishing, safe browsing, and password practices—combined with simple processes for reporting suspicious activity—create a culture of security without significant expense. 

Data protection is another essential component. Tracking where sensitive data resides and limiting access to only those who need it helps reduce exposure. Continuously testing that cloud-based backups are working effectively can ensure critical information is recoverable in the event of a ransomware attack or system failure. We recommend testing data backups at least quarterly, especially with your cloud vendors, to help ensure their responsibilities around data are being upheld.  

Finally, NFPs can leverage outsourced support and community resources. Many managed service providers offer NFPs pricing, and state or local government programs sometimes provide free cybersecurity assessments or monitoring tools. These partnerships allow small organizations to access expertise they may not be able to hire internally. 

The path to cost-effective cybersecurity 

Effective cybersecurity is achievable—even for NFPs with limited resources. By focusing on governance, human awareness, existing technology, and targeted use of outside support, NFPs can build a resilient security foundation without heavy financial investment. With the right culture and controls in place, organizations can protect their data, safeguard their reputation, and continue advancing their mission with confidence.

BerryDunn can help 

We help organizations understand their cybersecurity risk environment and translate threats into leadership-ready insights. Our consultants guide you in identifying actionable next steps, gaining engagement and buy-in from key decision-makers. With deep experience across sectors, we deliver practical cybersecurity solutions tailored to your systems and compliance needs. Learn more about our team and services. 

For many people, charitable giving is deeply personal, motivated less by tax considerations and more by values and a connection to a cause or organization. While tax benefits are rarely the primary reason people give, understanding how charitable contributions may affect your taxes remains important. 

Tax benefit for charitable giving 

Generally, a tax benefit for charitable giving was only available to taxpayers who itemized their deductions. In 2017, with the passing of the Tax Cuts and Jobs Act, the standard deduction was increased and the state and local tax (SALT) deduction was capped at $10,000. These changes made it more beneficial for some taxpayers to shift from itemizing their deductions to taking the standard deduction. This shift essentially removed the federal tax benefit for charitable giving for such taxpayers. For some, this put charitable giving on the sidelines, either by reducing giving, not giving to qualified public charities, or simply not keeping track of their giving. 

2026 charitable tax benefit with standard deduction 

Beginning in 2026, a permanent change expands the charitable tax benefit to taxpayers who take the standard deduction. Under the One Big Beautiful Bill Act, non-itemizers may now claim an above-the-line charitable deduction up to $2,000 for married taxpayers filing jointly (or $1,000 for single filers).  

To qualify to take this deduction, a few requirements must be met: 

• The donation must be cash 
• The donation must be made to a qualified public charity 
• The donation cannot be a contribution to a donor-advised fund 

Some important reminders: 

• Documentation is a must. Acknowledgment letters are a good form of documentation. 
• Verify the organization you are donating to is a qualified public charity. One common mistake some taxpayers make is assuming online crowdfunding fundraisers are qualified public charities.   
• Remember to provide your charitable giving information to your tax professional.   

Admittedly, the change is modest, not transformational, but it does broaden the number of taxpayers who benefit from donating to charity. It is important to keep in mind that each individual taxpayer’s situation is unique. State tax implications must also be considered, as not all states follow federal tax law.  

BerryDunn can help 

Our seasoned tax professionals partner with you to offer practical, accessible guidance and to develop a detailed strategy that supports your unique needs. We excel at tax strategy and solutions, placing an emphasis on building long-term relationships. Our deep expertise spans a full range of tax concerns, tax services, and consulting to support individuals, businesses, and nonprofit organizations. Our consultants are specialists in their industry, working closely with their colleagues across the firm to deliver integrated, comprehensive solutions. Learn more about our team and services.