Understanding the complex web of laws governing wellness programs is essential to designing and administering an effective wellness program.

The relevant federal laws include: the Employee Retirement Income Security Act (ERISA), the Health Insurance Portability and Accountability Act (HIPAA), the Americans with Disabilities Act (ADA), and the Genetic Information Nondiscrimination Act (GINA).  

Recommended For You

Unfortunately for plan sponsors, these laws are not always entirely aligned because the laws were enacted at different times and for different purposes.

Failure to comply with these laws may subject plan sponsors to tax penalties, government enforcement action, and all manner of litigation.

What follows is a discussion of some of the common legal errors we see companies make when establishing and administering their wellness programs.

Failing to recognize the wellness program is subject to ERISA

One common misconception is wellness programs are not subject to ERISA. Although ERISA does not apply to all wellness programs, in our experience, it applies more often than not because the definition of an ERISA welfare benefit plan is so broad. A failure to comply with ERISA can result in substantial penalties.  

A wellness program will be subject to ERISA if it:

  1. Is a plan, fund or program

  2. Is established or maintained by an employer

  3. Provides one of the listed benefits (which includes "medical care")

  4. Provides benefits to participants and beneficiaries

A typical wellness program will satisfy conditions (1), (2), and (4), leaving ERISA status dependent on whether the wellness program provides medical care — a term which is broadly defined and includes, among other things, medical treatment and diagnostic or preventive benefits.

This means if a program provides benefits such as biometric screenings or flu shots, it will generally be subject to ERISA.  

Action items:

  • Review the benefits provided under the wellness program to determine whether ERISA applies.

  • If ERISA applies, take steps to ensure compliance with ERISA's reporting, disclosure and administration requirements (e.g., written plan document, SPDs, and Form 5500 annual reports).

  • If ERISA applies, consider whether the wellness program should be combined with another welfare plan (e.g., a component of a wrap plan) to ease compliance burdens.

Participatory wellness programs that are not participation-only

HIPAA generally prohibits a group health plan from varying eligibility, benefits, or contributions (premiums) based on a health factor (e.g., medical condition, claims experience, etc.).

However, there is an exception to this rule for participatory-only programs which, (1) are offered to all similarly-situated individuals, and (2) either do not provide a reward or do not require an individual to satisfy a standard related to a health factor in order to obtain a reward.

Examples of programs which fall under this exception include rewarding attendance at a no-cost health education seminar and completion of a health risk assessment or diagnostic testing (where no further action is required based on results).

If a program is not participatory-only (i.e., it is "health-contingent"), it must comply with the complex HIPAA rules (e.g., reasonable design, voluntary, limits on rewards, and providing alternatives).

A program will be considered health-contingent (and not participatory-only) if it either: (1) requires an individual to perform or complete an activity that is related to a health factor in order to receive a reward, or (ii) requires an individual to attain or maintain a specific health standard in order to earn a reward.  

It is not always intuitive what types of programs are "participatory-only." For example, an example in the regulations makes it clear that rewarding the completion of an activity, such as walking, is a health-contingent program which must satisfy the HIPAA rules. This is true even if the incentive does not require a participant to meet a specific standard (e.g., 10,000 steps per day) in order to earn the reward.

Action item:

  • Review any rewards classified as participatory to confirm that they do not require an individual to perform or complete an activity that is related to a health factor or achieve a specific health standard.   

Using wellness programs as a gatekeeper for health plan benefits

A wellness program is subject to the ADA if it includes any disability-related inquiry or medical examination (e.g., health risk assessment, biometric testing, etc.).

In order to comply with the ADA, the wellness program must be voluntary and be reasonably designed to promote health and prevent disease. Under new ADA regulations, this means the company:

  1. Cannot require employees participate in the wellness program

  2. Cannot deny coverage, limit access to a particular option, or limit benefits available under a benefit plan if an employee does not participate

  3. Cannot take any adverse employment action or retaliate against employees

  4. Provide employees a notice that satisfies certain requirements

  5. Limit any incentive offered to 30 percent of the total cost of coverage

The second requirement — which prohibits the use of a wellness program as a gatekeeper for other plan benefits — is often overlooked. For example, a wellness program violates the ADA if it requires completion of a health risk assessment as a condition of eligibility to enroll in the company's medical plan.

Action items:

  • Determine whether the program includes disability-related inquiries or medical examinations (and is therefore subject to the ADA).

  • If so, review medical plan eligibility criteria and evaluate changes are needed to avoid using the wellness program as a gatekeeper for other plan benefits (e.g., provide a premium discount instead).   

Assuming all wellness program rewards are not taxable income

Plan sponsors are often surprised to find that certain types of rewards must be included in an employee's taxable income. "Even if the gift card is provided by our wellness program vendor?" they will ask?

Yes! The IRS recently reaffirmed this with new guidance. The following summarizes the general IRS rules:

  • Cash or cash equivalents (e.g., gift cards): Taxable

  • Medical care (e.g., provision of health care services such as a flu shot or health risk assessment): Not taxable (as long as provided on a nondiscriminatory basis)

  • Other non-cash rewards: Evaluate on a case-by-case basis. Some non-cash rewards, such as certain employee discount programs, may qualify as non-taxable fringe benefits. Others, such as merchandise rewards (e.g., free iPad) will generally be taxable.

Any taxable wellness rewards should be reported on an employee's W-2 with the appropriate taxes withheld. Failure to accurately report and withhold for taxable rewards may result in penalties and interest.  

Action item:

  • Review the program rewards to determine whether any should be taxable income to employees.

Excess incentives under tobacco cessation program

Both HIPAA and the ADA restrict the amount of incentives that can be provided under a wellness program. The maximum incentive is generally equal to 30 percent of the total cost of employee-only coverage.

However, HIPAA allows the reward to be as high as 50 percent of the total cost of employee-only coverage if any reward in excess of the 30 percent limit relates to a tobacco cessation program.

The ADA does not provide for a similar higher limit for tobacco cessation programs. But, based on the current EEOC rules, the lower ADA limit will only apply if the tobacco cessation program requires that employees complete a test for the presence of nicotine or tobacco.  

Action item:

  • Review the program to determine whether it includes a tobacco cessation program and a reward that exceeds the 30 percent limit. If so, evaluate whether the higher 50 percent limit can be applied because the employee is only asked about tobacco use (no nicotine testing is done). 

Failure to comply with notice requirements

Wellness programs must comply with various notice obligations, including new rules under the ADA. In particular, the ADA now requires all programs which require medical exams or collect employees' medical information provide a notice that describes:

  • The type of medical information which will be obtained and the specific purposes for which the medical information will be used

  • The restrictions on the disclosure of the employee's medical information and the company representatives or other parties with whom such medical information will be shared

  • The methods the company will use to ensure medical information is not improperly disclosed (including whether the company complies with the HIPAA privacy and security regulations)

The EEOC's website includes a model notice which can be used for this purpose. The ADA notice needs to be distributed before any medical information is collected or any medical examination is conducted.  

The ADA notice rules apply to any program which is relying on the ADA's voluntary wellness program exception (including one that is not part of a group health plan). Keep in mind the ADA rule applies to both participatory and health-contingent programs while the HIPAA rule does not apply to participatory programs.

Action item:

  • Confirm that legally compliant notices are provided. Consider whether the ADA notice should be included as part of initial and annual enrollment materials to ensure compliance with this timing requirement. 

NOT FOR REPRINT

© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.