Gag Clause Prohibition Compliance Attestation (GCPCA) is a required annual filing for most health plans, as mandated by the Consolidated Appropriations Act (CAA), 2021. The purpose of this requirement is to ensure that health plan service contracts do not contain “gag clauses”—provisions that restrict a plan’s ability to access and share specific information about cost and quality of care.
The goal of this law is to increase transparency in healthcare pricing and empower plan sponsors and participants to make informed decisions.
Who Must File, and What’s a "Gag Clause"?
The law applies to virtually all group health plans, including ERISA plans, non-federal governmental plans, and church plans. This includes both fully insured and self-insured plans, regardless of size.
A "gag clause" is a contractual term that directly or indirectly restricts a plan from:
Disclosing provider-specific cost or quality-of-care information to the plan sponsor, participants, and beneficiaries.
Accessing de-identified claims data upon request.
Sharing this information with a business associate.
Essentially, a gag clause could prevent a plan from seeing how much a provider is being paid for a service, which in turn limits the plan's ability to negotiate better rates or to provide this information to its members.
How Does This Apply to My Plan?
Whether you are a fully insured or a self-insured plan sponsor, you are ultimately responsible for ensuring the attestation is filed. However, your role in the process may differ based on your plan type.
For Fully Insured Plans
You are in luck! Your insurance carrier is legally required to file its own attestation, and by doing so, it is considered to have satisfied the attestation requirement on your behalf.
📋 Action Item: We recommend that you get written confirmation from your carrier that they will be filing the attestation for your plan. This serves as a best practice for your own compliance records.
For Self-Insured Plans
You (the plan sponsor) are directly responsible for submitting the attestation. While you may delegate this responsibility to a third-party administrator (TPA) or other service provider, the legal liability for timely and accurate filing remains with you.
📋 Action Item: If you are delegating this task, ensure you have a clear, written agreement with your TPA or vendor stating that they will file the attestation on your behalf. We also recommend requesting proof of the filing once it is completed.
Filing Deadlines and Instructions
The attestation must be filed annually with the Centers for Medicare & Medicaid Services (CMS) by December 31. The first attestation was due by December 31, 2023, and subsequent attestations are due by December 31 of each year thereafter.
The attestation is submitted through an online webform on the CMS website. The process is straightforward, requiring basic information about the plan and the attesting entity.
What You'll Need to File:
Your Entity's Information: This includes your name, Federal Tax Employer Identification Number (EIN), and a point of contact.
Plan Information: You will need to identify the type of plan you are attesting for (e.g., ERISA, non-federal governmental, or church plan).
Verification: The form includes an electronic signature section to attest that your plan and its service agreements comply with the gag clause prohibition.
A Note on Delegation: The CMS webform allows a TPA or other third party to submit on behalf of a plan. If you are a self-insured plan and your vendor is handling the filing, they will use a streamlined process to submit for multiple plans. However, you should still provide them with the necessary information and follow up to confirm the filing.
Key Takeaways for Employers
Plan Type | Responsibility | What to Do |
Fully Insured | The insurance carrier files on your behalf. | Request written confirmation from your carrier that they will handle the attestation. |
Self-Insured | You, the plan sponsor, are legally responsible. | Have a written agreement with your TPA or vendor to file on your behalf and request proof of filing. |
Still Have Questions?
Navigating benefits compliance can be complex. While this article provides an overview, it is not a substitute for legal advice. ERISAfire and our partner LeFevre Law are here to help you understand your obligations and ensure you meet all regulatory requirements.