Employer-sponsored health plans generally fall into one of two categories: fully insured or self-insured. With a fully insured plan, the financial risk is largely transferred from the employer to the insurance carrier, meaning the employer’s healthcare cost exposure is capped at its premium payments. A selfinsured plan, on the other hand, keeps most of the financial risk with the employer. Rather than paying set premiums to an insurer, the employer covers medical claims as they arise throughout the plan year. Level-funded health plans, while structured differently, are typically treated as self-insured for compliance purposes.
When choosing a funding approach, employers should weigh several factors, including compliance obligations. Self-insured plans offer greater design flexibility since they are not bound by state insurance mandates, mini-COBRA laws or the Affordable Care Act’s (ACA) essential health benefits (EHB) requirement. However, they are subject to nondiscrimination rules that do not apply to fully insured arrangements, and they must meet the full range of compliance requirements under the HIPAA Privacy and Security Rules.
The following checklist summarizes federal compliance obligations for self-insured health plans, including:
- Health Plan Design
- Annual Reporting
- Plan Documentation
- ERISA Fiduciary Duties
- Nondiscrimination Testing
- HIPAA Privacy and Security Rules
- Notice and Disclosure Requirements
- Transparency Disclosures
This article is merely a guideline. It is neither meant to be exhaustive nor meant to be construed as legal advice. It does not address all potential compliance issues with federal, state or local standards. Consult your licensed representative at Parrott Benefit Group or legal counsel to address possible compliance requirements. © 2026 Zywave, Inc. All rights reserved.