

Article key points:
- Health insurance compliance involves meeting legal, ethical, and professional standards, including those set by the Affordable Care Act and state regulations.
- Health insurance carriers, also known as insurance companies, decide which policies to offer, set prices, and determine coverage, subject to government regulations.
- Compliance requirements are primarily regulated by states, with federal oversight from entities like CCIIO and CMS, to protect consumers from unfair practices.
- Thousands of laws apply to insurance carriers, including those from the ACA, which impact policy writing and data privacy, making compliance a significant challenge.
- Technology and compliance officers are key to managing the complexity of healthcare laws and ensuring adherence, with the industry expected to see increased regulation.
Welcome to the complex world of health insurance compliance! For insurance carriers, agents and brokers, and employers who sponsor health plans, these are rough waters to navigate.
The U.S. healthcare system is composed of private for-profit companies, government agencies, and nonprofit organizations. And the price of healthcare varies dramatically depending on where and how someone seeks out services – as well as who’s paying!
Largely in an attempt to protect consumers, the U.S. federal government and each state and territory have adopted laws governing health insurance. In part one of this three-part series, we’ll cover some of the most basic “who, what, and how” topics that apply to carriers in the health insurance game.
What is health insurance compliance?
At the most basic level, health insurance compliance refers to the act of consistently meeting the legal, ethical, and professional standards of the health insurance sector. In an industry as high stakes as healthcare, providing high-quality and safe patient care is crucial. In addition to typical state insurance standards, health insurance compliance encompasses compliance standards for brokers, producers, and employers that are selling or procuring group insurance. It also includes compliance for carriers and agencies in terms of meeting Affordable Care Act or federal standards.
What is a carrier in health insurance?
Health insurance companies, also known as insurance carriers, are at the top of the healthcare industry food chain. Government regulation aside, health insurance carriers decide which policies to offer, to which populations, how much to charge, and what each policy will cover. When someone asks, “Does my insurance cover that?” the answer is generally dictated by the insurance carrier based on the specific insurance product.
Health insurance carriers “carry” the risk of everyone they insure, so it makes sense that they try to minimize risk while maximizing profit. State and federal governments, however, have stepped in to ensure consumers receive adequate coverage in return for the premium dollars they pay.
How are health insurance companies regulated?
Like most things in insurance, compliance requirements for health insurers are primarily regulated by the states. To protect consumers from unfair trade practices, state departments of insurance (DOIs) enforce laws and healthcare regulations for health insurance companies. However, while many insurance compliance requirements stem from state DOIs, the federal government also plays a significant role in healthcare insurance regulation.
Which government entities enforce laws in healthcare?
The Center for Consumer Insurance Information and Oversight (CCIIO), created by the Affordable Care Act, governs healthcare insurance market regulations on a federal level. The CCIIO is a subset of the U.S. Department of Health and Human Services that oversees and assists states in things like reviewing insurance rates and compiling information on different health insurance options.
In addition to the CCIIO, the Centers for Medicare & Medicaid Services (CMS) works closely with states to ensure compliance with health insurance standards, implement new health insurance market reforms, and protect consumers. Often, enforcing compliance falls to the state departments of insurance themselves.
What laws impact health insurance carriers?
There are currently thousands of laws that apply to insurance carriers. As with all insurance regulations, many are dictated by state departments of insurance and some are enacted on a federal level. This creates a system under which there are as many as 57 different regulatory bodies in the U.S. as each state, territory, and the federal government weighs in.
Some examples of laws that apply to health insurance carriers include:
- Requiring health plans to “guarantee issue” a group policy to all eligible group members, regardless of health status.
- Prohibiting lifetime limits on benefits to a plan member.
- Guaranteeing a minimum hospital stay for mothers after childbirth.
- Requiring coverage of specific preventive care services without cost-sharing.

Each of the above was enacted as part of the Patient Protection and Affordable Care Act (ACA), also known as Obamacare. The ACA was the most significant federal healthcare law passed since the formation of the Medicare and Medicaid programs in 1965, and many of its provisions directly impacted the way insurance carriers wrote policies.
In addition to laws governing health insurance policies themselves, insurance carriers also have to keep on top of compliance with laws that regulate what information they collect, how they can share it, and what steps they take to safeguard their policyholders’ privacy.
Compliance challenges for health insurance carriers
With over 10,000 pages of legislation in the ACA alone (not even counting prior laws), one of the largest challenges insurance companies face is just keeping track of which laws apply to each of their products. Federally, there are different provisions governing individual plans, group plans, employer-sponsored plans, healthcare marketplace plans, Medicare, and Medicaid plans. On top of that, there are variations from state to state, and an insurance carrier must sell plans that are compliant with the state they’re doing business in.
When it comes to laws that govern other aspects of an insurance carrier’s business, such as data collection and privacy, insurance companies face many of the same challenges that other businesses face in today’s age of rampant cyber-crime.
Despite insurance being one of the most highly regulated industries on the planet, insurance carriers continue to struggle and – whether intentionally or unintentionally – continue to fall short of legal requirements and face steep penalties.
Compliance solutions for health insurance carriers
Historically, health insurance carriers have employed compliance officers to oversee their adherence to all applicable laws and regulations. It would make sense that overall investment in healthcare compliance would be on the rise, given the year-over-year increasing complexity of healthcare laws. The Bureau of Labor and Statistics estimates an 8 percent growth in the overall need for compliance officers in the healthcare industry by 2026.
Whether staffing and budgeting increase to meet this need or not, healthcare compliance officers should look for ways to do more with less. Technology can be a key ingredient in this strategy. However, it’s extremely important for health insurance companies to remember, as they add new technology to assist in their compliance efforts, that each piece of their tech stack must in itself be compliant with laws governing their business.
Health insurance companies are held to high standards, but they aren’t the only responsible party. Check out our other pieces to learn about the who, what, and how of health insurance compliance for agents and health insurance compliance for employers.
The future of healthcare compliance
Healthcare in America is a hot-button issue that continues to receive political focus and media attention. As affordability, privacy, and consumer protection remain major concerns, we expect regulation will also keep increasing.
Regardless of your position in the industry, as an insurance carrier, MGA, MGU, independent agency, broker, or employer, the stakes are high when it comes to complying with health insurance laws. Hiring robust internal teams isn’t practical for all organizations, and completely outsourcing the responsibility for compliance may be too expensive or otherwise unworkable.
Health insurance is highly regulated and will continue to evolve, and each member of the distribution channel bears responsibility for following the law. In many ways, because of the nature of healthcare, penalties for non-compliance are not solely about the dollars involved, but translate to reputation and other intangible components.