Benefits Report
With the growing usage of GLP-1 medications in the U.S., plan sponsors have been exploring different methods for covering the highly-demanded medications under their group health plans, while using cost-containment measures to offset the high costs associated with covering GLP-1s. With the ever-expanding list of plan design options for covering GLP-1s, it is important to keep in mind how federal laws may impact plan design and administration of GLP-1 coverage.
Background on GLP-1s
GLP-1s (shorthand for glucagon-like peptide-1 receptor agonists) are medications that are used to treat type-2 diabetes and obesity and are well known for their effects on weight loss. There are several GLP-1s that are FDA-approved for adults who are overweight or obese, and even a few that are approved for children or teenagers.[1] Although various GLP-1s may be prescribed for other uses, such as to treat sleep apnea or cardiovascular disease, they are commonly used for weight loss and have been growing in popularity in recent years due to their success in helping people lose weight.
With the increase in demand for GLP-1s, employers have been looking for ways to manage costs due to the high price tag for GLP-1s—the cost of GLP-1s for weight management can be $1,000 or more per month, per individual prescription. Although employer-sponsored group health plans may utilize cost containment measures (or even consider removing coverage for such GLP-1s) to mitigate the high costs associated with GLP-1s, employers should consider the following compliance issues when designing their GLP-1 coverage.
ACA and Essential Health Benefits
To lower the cost of providing GLP-1 coverage for weight management, some plan sponsors have shifted the cost of these medications to participants by way of cost-sharing. For example, some plans may impose higher co-pays for GLP-1s or exclude any cost-sharing amounts from the annual out-of-pocket maximum. However, plan sponsors must consider whether higher participant cost-sharing has Affordable Care Act (ACA) implications.
Under the ACA, group health plans are prohibited from imposing annual and lifetime dollar limits on Essential Health Benefits (EHBs), the categories for which are defined by the Department of Health and Human Services (HHS).[2] Additionally, the ACA requires group health plans to establish an out-of-pocket maximum, which limits the overall out-of-pocket costs (i.e., deductibles, coinsurance, copayments, etc.) participants can pay in a year for EHBs.
The list of EHBs includes prescription drugs, although large and self-funded employer-sponsored plans have flexibility in determining which prescriptions drugs will be considered EHBs based on the state-benchmark plan they select.[3] If a plan uses a state-benchmark plan that does not include GLP-1s for weight loss (currently, only one state includes GLP-1s for weight loss in their benchmark plan), then the plan may impose annual or lifetime limits on GLP-1 coverage for weight loss. In addition, any out-of-pocket costs that participants incur as a result of using these medications for weight loss are not required to be counted toward their out-of-pocket maximum when they are not considered EHBs.
However, sponsors of large and self-funded group health plans should keep in mind that there may be changes to the EHB rules, such that all prescription drugs covered by a large or self-funded plan (i.e., including drugs that are in excess of those covered by a state’s EHB-benchmark plan) will be considered EHBs. The Department of Labor, HHS, and the Department of Treasury under the Biden administration issued guidance stating their intent to propose rulemaking that would require large and self-funded group health plans to treat all prescription drugs covered under their plans as EHBs.[4] Whether the Trump administration will follow through on this is currently questionable, but plan sponsors will need to revisit their plan design should such guidance be issued.
Weight-Management Programs
Pairing GLP-1s with a weight-management program is a popular plan design for sponsors looking to cover GLP-1s for weight loss while also containing costs—though some plans merely offer weight-management programs in tandem with GLP-1 coverage, while others require participation in the weight management program as a prerequisite for subsidized GLP-1 coverage. Depending on their design, some of these weight-management programs are wellness programs that can rise to the level of a group health plan under the Employment Retirement Income Security Act of 1974, as amended (ERISA) when they provide “medical care” (i.e., physical examinations, nutrition counseling, prescription drugs, etc.). Wellness programs that are group health plans are subject to compliance obligations under several federal statutes, including the Health Insurance Portability and Accountability Act (HIPAA) privacy and security rules, the Consolidated Omnibus Budget Reconciliation Act of 1985 (COBRA), and the Genetic Information Nondiscrimination Act (GINA). Additionally, wellness programs that impose penalties for non-participation (e.g., individuals that do not participate in the wellness program have higher cost-sharing for GLP-1s) can pose issues under the HIPAA Nondiscrimination rules and the Americans with Disabilities Act (ADA).
HIPAA Nondiscrimination
HIPAA generally prohibits group health plans from using health factors to discriminate among similarly situated individuals with respect to eligibility, premiums, or contributions. An exception to HIPAA’s nondiscrimination requirements is a wellness program that is reasonably designed to promote health or prevent disease. The HIPAA nondiscrimination rules describe two types of wellness programs: (1) participatory programs, and (2) health-contingent programs.[5]
A participatory program is one that does not condition eligibility to receive a reward (e.g., cost-sharing discount or absence of a premium surcharge) on a participant’s satisfaction of a standard related to a health factor and are permissible if participation in the program is available to all similarly situated individuals. For example, a weight management program that is available to all full-time employees and offers reduced co-pays for GLP-1s to individuals participating in the program (e.g., completing a health risk assessment), regardless of whether they lost weight or met a similar health standard, would likely be considered a permissible participatory program.
Health-contingent wellness programs on the other hand require individuals to satisfy a standard related to a health factor in order to obtain a reward and must satisfy numerous requirements in order to be compliant with the HIPAA nondiscrimination rules. Health-contingent wellness programs can either be an activity-only wellness program (e.g., exercise or diet programs) or an outcome-based wellness program (e.g., attaining a certain BMI score), and the financial reward offered under these programs is generally limited to 30% of the total cost of employer and employee contributions for employee-only coverage under the plan, among other requirements. The rules for designing and administering health-contingent wellness programs are complex, so plan sponsors will need to exercise caution when implementing a weight management program that requires participants to satisfy a health factor standard in order to receive GLP-1 coverage.
ADA Compliance
The ADA prohibits disability-related discrimination in employment, which covers all aspects of the employment process, including disability-related medical examinations and inquiries. One exception to the prohibition on medical examinations and inquiries is for voluntary medical examinations and disability-related inquiries under a wellness program that is reasonably designed to promote health or prevent disease, among other requirements.[6] A wellness program that requires examinations and inquiries may qualify for this exception if it does not require the employee to participate in the program (i.e., the program is voluntary) and does not deny coverage or limit the extent of benefits under the employer’s group health plan for non-participants (i.e., the program does not act as a gatekeeper to receiving coverage generally or receiving certain benefits (known as the “gateway” provision)).
With respect to the “voluntary” prong, outside of the current regulations, there is no additional guidance from the Equal Employment Opportunity Commission (EEOC) regarding the extent to which a wellness program will no longer be considered voluntary based on the size of financial incentives (i.e., rewards or penalties) offered to employees who participate in the wellness program.[7] Weight management programs often require medical examinations or health risk assessments for participants, which are considered disability-related inquiries or examinations for ADA purposes. For wellness programs that provide GLP-1 coverage in connection with wellness program participation in which participants are required to submit to a medical examination or inquiry, employers will need to consider whether the incentives offered make participation in the program truly voluntary.
Under the “gateway” provision, employers are not prohibited under the ADA from denying an incentive for non-participation in a wellness program that includes disability-related inquiries or medical examinations; however, the ADA does prohibit the outright denial of access to a benefit available by virtue of employment. For example, an employer that offers several medical options, such as a PPO and HMO, cannot require that employees who decline to participate in its wellness program enroll in the HMO.
It should be noted that wellness programs that do not require disability-related inquiries or medical examinations (such as programs that only provide general nutrition and weight-loss counseling) will not be subject to these ADA requirements.
Disability Discrimination
Some plan sponsors have considered limiting or removing GLP-1 coverage for weight loss entirely from their group health plans in order to save on costs, while maintaining GLP-1 coverage for other issues (i.e., diabetes management). However, plan sponsors will need to consider whether such changes could make the plans subject to disability discrimination claims under federal law on the basis that the plans are discriminating against individuals with obesity.
Several courts have considered the question of whether obesity is considered a disability under the ADA. A majority of federal courts have found that obesity by itself is not a disability, but that it can be considered a disability if it is caused by an underlying health condition (such as diabetes). Some courts, though, have held that obesity is a disability under the ADA, even in the absence of an underlying health condition.
Notably, recent litigation on this front has posed the question of whether a group health plan’s exclusion of GLP-1 coverage for weight loss constitutes disability discrimination, although no final decisions have yet been rendered on this issue.[8] Sponsors of self-funded group health plans should monitor ongoing litigation for updates. Should courts find that removal of GLP-1 coverage amounts to disability discrimination, self-funded plans that cover GLP-1s for diabetes but not obesity will likely need to be amended to cover the prescriptions for both conditions or neither of them.
Conclusion
With the ever-growing list of creative plan designs for GLP-1s, plan sponsors will need to carefully review their options and ensure that coverage (or lack thereof) of GLP-1s for weight loss is compliant with applicable requirements. If you have questions regarding GLP-1 coverage or other health plan issues, please contact us.
Conclusion
With the ever-growing list of creative plan designs for GLP-1s, plan sponsors will need to carefully review their options and ensure that coverage (or lack thereof) of GLP-1s for weight loss is compliant with applicable requirements. If you have questions regarding GLP-1 coverage or other health plan issues, please contact us.
[2] ACA, Pub. L. No. 111-148, § 1302(b) (2010); 45 CFR § 156.110 et seq.
[3] Large insured and self-funded group health plans are not required to offer EHBs, although they are required to comply with the prohibition on annual and lifetime limits with respect to EHBs. These plans can satisfy this requirement by selecting a state’s approved EHB-benchmark plan for purposes of the defining the applicable EHBs. 29 C.F.R. §2590.715-2711(c).
[4] FAQ About Affordable Care Act Implementation Part 66, https://www.dol.gov/sites/dolgov/files/ebsa/about-ebsa/our-activities/resource-center/faqs/aca-part-66.pdf.
[5] Incentives for Nondiscriminatory Wellness Programs in Group Health Plans, 78 Fed. Reg. 33158 (June 3, 2013).
[6] 29 C.F.R. §1630.14(d).
[7] Id. When the regulations were finalized in May 2016, they provided that wellness programs that used incentives, such as in the form of a financial reward or penalty, were not considered voluntary unless the maximum allowable incentive available under the program did not exceed 30% of the total cost of employee-only coverage. However, a federal court vacated the incentive limit provisions of the regulations effective January 1, 2019. See EEOC, Removal of Final ADA Wellness Rule Vacated by Court, 83 Fed. Reg. 65296 (Dec. 20, 2018). The EEOC announced proposed regulations in early 2021 to provide clarity regarding permissible incentive structures under the voluntary prong of these rules, but these regulations were withdrawn, and to date, the EEOC has not issued any further guidance on this topic.
[8] See Whittemore v. Cigna Health and Life Ins. Co., No. 2:24-cv-00206 (D. Me. Feb. 12, 2025), appeal docketed, No. 25-1248 (1st Cir. Mar. 19, 2025); see also Holland v. Elevance Health Inc., No. 2:24-cv-00332 (D. Me. Apr. 9, 2025), appeal docketed, No. 25-1359 (1st Cir. Apr. 20, 2025). These cases were filed under ACA Section 1557, which incorporates existing federal civil rights law and applies them to federally funded health programs. Self-
As financial wellness programs and the related cross-selling of products continue to expand in design and popularity, ERISA fiduciary considerations continue to mount. When recordkeepers and other service providers expand their offerings (or partner with an external party to support financial wellness initiatives), they often rely on the rich resource of participant data that they have collected to market their products. The concept is not new—recordkeepers have a long history of using participant data to market additional services and products, often as beneficial tools for participants. With recordkeepers and other non-fiduciary service providers having financial incentives to sell financial wellness products using the data they collect, plan fiduciaries need to pay attention to such sales activity and the participant data being used as part of the marketing process. A lawsuit filed in the United States District Court for the District of New Jersey is reminding ERISA plan fiduciaries that failing to do so may create significant fiduciary risk.
The lawsuit, Williams-Linzey v. Empower Advisory Group, LLC, alleges that Empower improperly and repeatedly leveraged its position as a retirement plan recordkeeper to harvest highly confidential, private financial data concerning retirement plan participants for its own economic benefit. Specifically, the lawsuit claims that Empower used the data it collected to identify retirement plan participants with large account balances nearing retirement age and target them for Empower’s managed account program. The complaint alleges that the targeted campaign falsely portrayed the managed account program as a superior investment option, despite its “extremely high costs” and regardless of whether it was actually in the best interest of participants, all for Empower’s financial gain.
The complaint offers a legal theory that is yet to be well addressed in ERISA case law—that participant data should be treated as a “plan asset” subject to ERISA’s fiduciary duties of prudence and loyalty. Under this theory, Empower would not only be held to a fiduciary standard based on its provision of investment advice, but also for its control and exercise of discretion over an alleged plan asset—that is, participant data. And while Empower is the only defendant in the case, the complaint also asserts that the plan fiduciaries breached their own fiduciary duties by failing to monitor Empower’s use of participant data. Such an assertion highlights the real-world risk of permitting recordkeeper utilization of participant data for any purpose beyond core recordkeeping responsibilities, regardless of whether the use may be beneficial to participants. This article provides practical contracting considerations for plan fiduciaries seeking to strike a balance between fiduciary risk and permitting financial wellness products.
Understanding the Risk
Data mining has undoubtedly become the gold rush of the 21st Century. In the right hands, data has the ability to influence thought and behavior and therefore create significant financial profits. Under section 404(a) of ERISA, fiduciaries must discharge their duties with respect to a plan solely in the interests of providing benefits to participants and beneficiaries, and only paying reasonable expenses for plan administration (the “duty of loyalty”), and in carrying out these responsibilities, must act with care, skill, prudence and diligence under the circumstances (the “duty of prudence”). As such, it is incumbent on plan fiduciaries to scrutinize the use of data collected by ERISA plan service providers, particularly with respect to use of the data to market additional products where there is a profit to be made (regardless of whether the additional products are ERISA plans). Failure to do so could lead to complaints from participants that they were marketed or sold unreasonably expensive or ineffective products and services at a profit to the service provider (similar to the allegations in Williams-Linzey). As such, responsible plan fiduciaries should work proactively to mitigate potential risk.
Mitigating Risk Starts with Good Contracting
As the promotion of financial wellness offerings by recordkeepers and other service providers continues to expand, contractual terms around data usage are becoming more robust and complicated. The provisions are typically contained in two sets of terms: terms covering the use of participant data outside of core services and terms covering cybersecurity. Careful review, consideration and scrutiny should be paid to both sets of terms in order to protect the interests of participants and mitigate unnecessary fiduciary risk.
Terms Addressing Use of Participant Data
When entering into service agreements, responsible plan fiduciaries should be thinking critically about how they might reasonably make appropriate program offerings available without disregarding the fiduciary duties of loyalty and prudence. To strike a balance when negotiating service agreements, plan fiduciaries should consider the following:
Terms Addressing Cybersecurity
As technology evolves, including electronic communication, ERISA plans are growing targets for cyber attacks. While cybersecurity safeguards are critical in the maintenance of any ERISA plan, they have heightened importance where participant data may be used for ancillary purposes, as data is likely to be more robust, stored for longer and in more locations, and will necessarily be accessible by more parties. If participant data were to be accessed by unauthorized parties (a cybersecurity breach), it could compromise participant financial safety and security and expose the plan fiduciaries to liability.
In 2021, the Department of Labor (DOL) released cybersecurity best practices guidance (updated in 2024) [https://www.dol.gov/agencies/ebsa/employers-and-advisers/plan-administration-and-compliance/compliance-assistance-releases/2024-01], which responsible plan fiduciaries should contractually require service providers (and their subsidiaries and affiliates) adhere to. Released in three pieces—one geared toward plan fiduciaries, one toward service providers, and one toward participants—the guidance underscores the importance of monitoring cybersecurity compliance as a fiduciary best practice. The DOL guidance should be treated as a minimum standard; to the extent a plan sponsor’s business cybersecurity standards are greater than the standards established by the DOL, the plan sponsor should consider whether it would be appropriate to apply its business cybersecurity standards to agreements with ERISA plan service providers.
Importantly, plan fiduciaries should acknowledge the reality of cybersecurity breaches and be prepared to handle them when they arise. Fiduciaries should ensure both the plan and service providers have effective and ready-to-go breach remediation plans, such that appropriate actions can be taken as soon as reasonably possible once a data breach is discovered. Equally important, fiduciaries should consider cybersecurity insurance and require service providers handling participant data to have cybersecurity insurance that covers any breach of participant data held by the service provider, its affiliates and subcontractors (if any).
Conclusion
While the Williams-Linzey case is in its infancy, the risks associated with maintenance and use of participant data are not new. Thoughtful consideration of the fiduciary issues discussed, which importantly include careful analysis of service provider contract terms can mitigate risk, permit reasonable financial wellness offerings and simultaneously protect plan participants.
If you have any questions about your recordkeeping contracts, financial wellness products, or use of participant data, contact the Trucker Huss attorneys with whom you usually work.
With more than 30 legal professionals practicing solely in employee benefits law, Trucker Huss is one of the largest employee benefits specialty law firms in the country. Our in-depth knowledge and breadth of experience on all issues confronting employee benefit plans, and their sponsors, fiduciaries and service providers, translate into real-world, practical solutions for our clients.
We represent some of the country’s largest companies and union sponsored and Taft-Hartley trust funds. We also represent mid-sized and smaller employers, benefits consultants and other service providers, including law firms, accountants and insurance brokers.
Since its founding in 1980, Trucker Huss has built its reputation on providing accurate, responsive and personal service. The Firm has grown in part through referrals from our many satisfied clients, including other law firms with which we often partner on a strategic basis to solve client challenges.
Our attorneys serve as officers and governing board members to the country’s premier employee benefits industry associations, and routinely write for their publications and speak at their conferences.
The Trucker Huss Benefits Report is published monthly to provide our clients and friends with information on recent legal developments and other current issues in employee benefits. Back issues of the Benefits Report are posted on the Trucker Huss website (www.truckerhuss.com)
Editor: Nicholas J. White, nwhite@truckerhuss.com
In response to IRS rules of practice, we inform you that any federal tax information contained in this writing cannot be used for the purpose of avoiding tax-related penalties or promoting, marketing or recommending to another party any tax-related matters in this Benefits Report.
135 Main Street, 9th Floor
San Francisco, California 94105-1815
15760 Ventura Blvd, Suite 910
Los Angeles, California 91436-3019
329 NE Couch St., Suite 200
Portland, Oregon 97232-1332
Tel: (415) 788-3111
Fax: (415) 421-2017
Email: info@truckerhuss.com
Website: www.truckerhuss.com
Copyright © 2025 Trucker Huss. All rights reserved. This newsletter is published as an information source for our clients and colleagues. The articles are current as of the date of publication, are general in nature and are not the substitute for legal advice or opinion in a particular case.
135 Main Street, 9th Floor
San Francisco, CA 94105-1815
15760 Ventura Boulevard, Suite 910
Los Angeles, CA 91436-2964
329 NE Couch Street, Suite 200
Portland, OR 97232-1332
