Latest News

Ohio Course Update July 2019

Ohio Insurance courses have been updated with annual outline changes effective July 1, 2019. Continue reading to view the Ohio Life & Health, and Property & Casualty and Personal Lines course addendums.
Continue scrolling to read through the addendums or click the links below to download:

> Ohio Life & Health Addendum

Ohio Property & Casualty and Personal Lines Addendum



OHIO LIFE & HEALTH

Addendum: for use with Ohio Life & Health online ExamFX course and study guide version 24490en/24493en, per exam content outline updates effective 07/01/2019.

The following are content additions to supplement your existing text unless otherwise indicated:

LIFE AND HEALTH

Insurance Regulation

B. State Regulation

6. Insurance Information Privacy

Cyber Security

Cyberattacks are an alarming and ongoing threat, often resulting in the theft of sensitive consumer financial and health information, repair costs to hardware and software, litigation costs, and damage to a company's reputation. This has led to increasing calls for legislation and regulation for enhanced cybersecurity measures to address the numerous risks posed by a cyberattack.

An insurer's Information Security Program must be designed to do the following:

  • Protect the security and confidentiality of nonpublic information and the security of the information system;
  • Protect against any threats or hazards to the security or integrity of nonpublic information and the information system;
  • Protect against unauthorized access to or use of nonpublic information, and minimize the likelihood of harm to any consumer; and
  • Define and periodically reevaluate a schedule for retention of nonpublic information and a mechanism for its destruction when no longer needed.

    Training and Monitoring

    As part of a cybersecurity program, insurers must designate one or more employees who are responsible for the information security program, as well as identify foreseeable internal or external threats that could result in an unauthorized access, transmission, disclosure, misuse, alteration, or destruction of nonpublic information, including information accessible to, or held by, third-party service providers. In addition, insurers must provide employee training and management, and implement safeguards to manage threats and assess the effectiveness of the safeguards' systems and procedures at least annually.

    Insurers must submit a written statement to the Superintendent of Insurance by February 15th of each year, unless otherwise specified. The statement must certify that the insurer is in compliance with state cyber regulations.

    Investigation of Events

    In the event a cybersecurity event has occurred, a licensee, an insurer or third-party service provider must conduct a prompt investigation. This investigation must include:

  • A determination whether a cybersecurity event has occurred;
  • An assessment of the nature and scope of the cybersecurity event;
  • Identification of nonpublic information involved; and
  • Overseeing of reasonable measures to restore the security of the information system to prevent future cybersecurity events.

    Licensees must maintain records concerning all cybersecurity events for a period of at least 5 years from the date of the cybersecurity event and must produce those records upon demand of the Superintendent of Insurance.

    Exemptions

    The following are exempt from cybersecurity regulations:

  • Insurers that have fewer than 20 employees;
  • Insurers with a gross annual income less than $5,000,000;
  • Insurers with less than $10,000,000 in assets at the end of the licensee's fiscal year; or
  • Employees, agents, representatives, independent contractors, or designees of an insurer.

    If a previously exempt insurer no longer qualifies for an exemption, the insurer may continue business without an Information Security Program for no more than 180 days. After this period has elapsed, the insurer must comply with state cyber requirements.

    Definitions

    Cybersecurity event: any effort to obtain unauthorized access to an information system or nonpublic information stored on the information system. Cybersecurity events do not include instances in which acquired nonpublic information is returned, destroyed, or not used.

    Encrypted: transformation of data to obscure meaning without the use of a protective process or key.

    Information system: an organized system that collects, maintains, and transmits electronic nonpublic information.

    Nonpublic information: any business-related information that is not publicly available information that if misused could jeopardize a covered entity's security and operations; any personally identifiable information (such as social security number, driver's license, or credit card numbers); and any information (other than age and gender) related to health care.

    Multi-Factor Authentication: authentication through verification of at least two factors:

  • Knowledge factor, such as a password;
  • Possession factors, such as a token or text message on a mobile phone; or
  • Inherence factors, such as a biometric characteristic.

    Publicly available information: information lawfully available to the general public from federal, state, or local government records, distributed media, or disclosures required by federal, state, or local law. Information may be considered publicly available if an insurer determines it's of the type available to the public and the consumer has not denied making it public.

    Risk assessment: evaluation of potential risks to the privacy of nonpublic information.

    Third-party service provider: contracted person other than an insurer who is permitted to access nonpublic information for the purposes of maintaining, processing, or storing information.

    HEALTH ONLY

    Medical Plans

    C. Cost Containment in Health Care Delivery

    Prior Authorization Procedures

    A prior authorization requirement refers to any health care service, device, or drug which requires the approval of the insurer or plan prior to being performed, received, or prescribed.

    If a policy issued by an accident and sickness insurer or public employee benefit plan requires prior authorization, the following conditions must be met:

  • Health care practitioners must be permitted to access prior authorization forms through an established electronic software system;
  • A pharmacy benefit manager must accept and respond to prior prescription or prior medical benefit authorization requests through a secure electronic transmission; and
  • The insurer must make an arrangement for the authorization of nonelectronic requests.

    After an authorization request has been submitted, the insurer must:

  • Provide the health care practitioner with an electronic receipt acknowledging the request was received;
  • Respond to the request within:
    • 48 hours for urgent care services; and
    • 10 days for all other requests;
  • Indicate whether the request has been approved or denied;
  • Provide reasoning for denied requests; and
  • Indicate additional information required if the request is deemed incomplete.

    Insurers must provide prior authorization approval for chronic condition related drugs, for a period of 12 months or the last day of the insured's eligibility under the policy, whichever is less. If the insured's chronic condition has not changed after the approval period has ended, the insurer may require a health care practitioner to submit additional information on the continued chronic condition. If the practitioner does not respond within 5 days of the request, the 12-month approval will be terminated. If the drug is no longer approved or safe under state or federal regulatory guidelines, the 12-month approval with terminate.

    Exclusions to the 12-month approval period include:

  • Non-maintenance condition medication;
  • Medications with a typical treatment time of fewer than 12 months;
  • Medications which require a trial run longer than 12 months;
  • Non-scientifically backed medications;
  • Scheduled I or II controlled substances or any opioid analgesic or benzodiazepines; and
  • Medication not prescribed by an in-network provider.

    In addition to chronic conditions, an insurer or public employee benefit plan may provide a 12-month approval for the treatment of rare medical conditions. A "rare medical condition" refers to any disease or condition that affects fewer than 200,000 individuals in the United States. Controlled substances are excluded.

    In a situation where prior authorization was requested but not received, the insurer may permit a retrospective claim review. For a retrospective claim review to occur, the new service must be directly related to another prior approval service received, not known as needed at the time of the original prior authorization, and the need for the new service was revealed during the original prior authorization.

    If an insurer enacts new prior authorization requirements, the insurer must provide all participating health care practitioners with a "Notice of Changes to Prior Authorization Requirements," no later than 30 days prior to the updated requirements. Notices are not required to list out changes, but must provide a source where practitioners may review the list of changes.

    Health Insuring Corporations (HICs)

    A. General Characteristics

    Primary Care Physician vs. Referral Physician

    When an individual becomes a member of the HIC, he or she will choose a primary care physician (PCP), who will serve as a gatekeeper. The primary care physician will be regularly compensated for being responsible for the care of that member, whether care is provided or not. It should be in the primary care physician’s best interest to keep this member healthy to prevent future time for treatment of disease.

    In order for the member to get to see a specialist, the PCP must refer the member. In many HICs, there is a financial cost to the primary care physician for referring a patient to the more expensive specialist, thus the primary care physician may be inclined to use an alternative treatment before approving a referral.

    Insurance for Senior Citizens and Special Needs Individuals

    A. Medicare

    4. Part C – Medicare Advantage

    A Medicare Medical Savings Account (MSA) is a consumer-directed Medicare Advantage Plan that combines a high-deductible insurance plan with a medical savings account. The high-deductible insurance plan portion of an MSA covers costs once a high yearly deductible has been met. Medicare deposits money into the savings account, which can be used to pay health care costs, prior to meeting the deductible requirement.

    In addition to coverage provided by Medicare Advantage Plans, Medicare MSAs may cover the following extra benefits for an extra cost:

  • Dental;
  • Vision; and
  • Long-term care not covered under Medicare.

    Medicare MSAs do not cover Medicare Part D - Prescription Drug Insurance.

    Enrollment Timelines

    The enrollment period for a Medicare Advantage Plan is dependent on eligibility factors and current Medicare coverage.

    Newly eligible individuals may sign up for a Medicare Advantage Plan 3 months before turning age 65 and up to 3 months after turning age 65. Depending on the elected date, coverage will begin:

  • The first day of the month the individual turns 65, if elected prior to their birthday; or
  • The first day of the following month, if elected during the individual's birth month or up to 3 months after.

    If an individual is eligible for Medicare as a result of a disability, he or she may join 3 months before the individual's 25th month of receiving Social Security or Railroad Retirement Board (RRB) disability benefits, or up to 3 months after. Coverage begins:

  • The first day of the 25th month of disability payments, if elected before receiving Medicare; or
  • The first day of the following month of election, if elected during the 25th month of disability benefits or up to 3 months after.

    If an individual already has Medicare Part A coverage and has enrolled in Medicare Part B during the general enrollment period, they may sign up for a Medicare Advantage Plan between April 1st and June 30th.

    During the Open Enrollment for Medicare Advantage and Medicare Prescription Drug Coverage (October 15th to December 7th), individuals may do the following:

  • Switch between Original Medicare to a Medicare Advantage Plan;
  • Switch between a Medicare Advantage Plan without drug coverage to a plan with drug coverage;
  • Join a Medicare Prescription Drug Plan;
  • Switch from a Medicare Drug Plan to another Medicare plan; or
  • Disenroll from Medicare drug coverage.

    During the Medicare Advantage Open Enrollment Period (January 1st to March 31st), enrolled individuals may:

  • Switch to another Medicare Advantage Plan (with or without drug coverage); or
  • Disenroll from their current Medicare Advantage Plan and return to Original Medicare (with eligibility for a Medicare Prescription Drug Plan).

    If an individual enrolled in a Medicare Advantage Plan during their initial Enrollment Period, they may switch to another Medicare Advantage plan or disenroll within the first 3 months of coverage.

    If already enrolled in an Original Medicare plan, individuals are prohibited from switching to a Medicare Advantage plan, joining a Prescription Drug Plan, or switching from one Medicare Prescription Drug Plan to another during the Medicare Advantage Open Enrollment Period.

    Coverages and Cost-Sharing Amounts

    Cost sharing refers to the allocation of funds for healthcare and prescriptions through copayments, coinsurance, and deductibles. Out-of-pocket costs under Medicare Advantage vary by plan and are dependent on the following factors:

  • Monthly premiums;
  • Monthly Medicare Part B premiums paid by the plan;
  • Annual deductibles;
  • Additional deductibles;
  • Cost for each visit or service (total copayment or coinsurance);
  • Rate in which health care services are needed;
  • Compliance with plan rules (utilization of network providers);
  • Potential extra benefits and associated costs;
  • Out-of-pocket annual limits; and
  • Assistance through Medicaid or the state.


Supplemental Benefits

Supplemental benefits are those not covered by Medicare Part A or Part B. Medicare Advantage Plans may offer coverage for supplemental benefits, as long as the items or services covered are medically necessary for the prevention, curing, or diminishing of an illness or injury. Benefits must incur direct medical costs, in addition to potential administrative costs.

Examples of supplemental benefits include:

  • Acupuncture;
  • Alternative therapies;
  • Bathroom safety devices;
  • Routine chiropractic services;
  • Counseling services;
  • Eligible preventive benefits;
  • Fitness benefits;
  • Enhanced Disease Management (EDM);
  • Health education;
  • In-home safety assessments;
  • Meals;
  • Nutritional/dietary benefits;
  • Over-the-counter (OTC) drugs/items;
  • Personal Emergency Response Systems (PERSs);
  • Medical nutrition therapy (MNT);
  • Physical exams;
  • Point-of-service (POS) benefits;
  • Post-discharge in-home medication reconciliation;
  • Readmission prevention;
  • Remote access technologies;
  • Repairs;
  • Telemonitoring services;
  • Transportation services;
  • Visitor/travel benefit;
  • Weight management programs;
  • Wigs for chemotherapy caused hair loss; and
  • Worldwide emergency/urgent coverage.

    Excluded from supplementary benefits under a Medicare Advantage plan are the following:

  • Cosmetics services;
  • Homemaker/maid services;
  • Massage benefits;
  • Smoke detectors;
  • Fire extinguishers;
  • Pap or pelvic screenings more frequent than every 24 months;
  • Electronic medical records;
  • Electronic data storage devices;
  • Loaner DME items;
  • Stand-alone memory fitness benefits; and
  • Case management or care coordination services.

    5. Part D – Prescription Drug Insurance

    Coverage, Formulary, Tiering

    Each Medicare drug plan must provide at least a standard level of coverage set by Medicare. Plans can vary the list of prescription drugs they cover and how they place drugs into different "tiers" on their drug lists (called formularies).

    As defined by Medicare, a formulary is a list of prescription drugs covered by a prescription drug plan, also known as a drug list. Each plan has its own formulary that must be filed annually. Whenever the plan makes changes to the formulary, the insureds must be notified. Medicare drug plans categorize drugs into different tiers, each with a different cost. Drugs in a lower tier will cost less than drugs in a higher tier. A formulary must include at least 2 drugs in each treatment category, but it is not required to include all drugs.

    To lower costs, many plans place drugs into different "tiers" on their formularies (drug lists). Each tier costs a different amount. A drug in a lower tier will cost the insured less than a drug in a higher tier. Here is an example of how a plan may divide its drugs into tiers:

  • Tier 1 - Generic drugs (least expensive);
  • Tier 2 - Preferred brand-name drugs (cost more than Tier 1); and
  • Tier 3 - Nonpreferred brand-name drugs (most expensive).

    Limitations - Prior Authorization, Step Therapy, Quantity Limits

    Prior authorization means approval from a Medicare drug plan before insureds may fill their prescription in order for the prescription to be covered by the plan. Medicare drug plan may require prior authorization for certain drugs.

    Step therapy is a type of prior authorization. In most cases, Medicare requires the insured to first try a certain, less expensive drug on the plan's Formulary that has been proven effective for most people with the same condition before the insured can move up a "step" to a more expensive drug. For example, some plans may require to first try a generic drug (if available), then a less expensive brand-name drug on their drug list before the insured can get a similar, more expensive, brand-name drug covered.

    Quantity limits: for safety and cost reasons, plans may limit the amount of drugs they cover over a certain period of time. For example, most people prescribed heartburn medication take 1 tablet per day for 4 weeks. Therefore, a plan may cover only an initial 30-day supply of heartburn medication.

    If the prescriber believes that it is medically necessary for the insured to be on a particular drug even though the insured doesn't meet the prior authorization criteria, the insured and the prescriber can contact the plan to request an exception. The prescriber must give a statement supporting the request. If the request is approved, the plan will cover the particular drug, even without prior authorization for the drug, or without trying a less expensive drug first.

    Preferred Network Pharmacies

    A pharmacy that is part of a Medicare drug plan's network is called a preferred cost sharing pharmacy. Insureds may pay lower out-of-pockets costs (such as copayment or coinsurance) for some of their prescription drugs if they get them from a preferred cost sharing pharmacy instead of a standard cost sharing pharmacy.

    Low-Income Subsidy

    The Medicare Prescription Drug Improvement and Modernization Act of 2003 (MMA) provides assistance to low-income individuals through federal government subsidies. These subsidies cover premiums, deductibles, and copyments under Medicare Part D. Individuals may apply for a Low-Income Subsidy (LIS) through the Social Security Administration (SSA) or through the State Medicaid agency.

    During the application process, the applicant's income (aong with the applicant's spouse's income if married) is compared to the Federal Poverty Level (FPL). Included in the applicant's income are resources or assets that can be readily converted into cash within 20 days, along with property outside of the applicant's primary residence.

    To qualify for full low-income subsidies, applicants must meet the following requirements:

  • Have a total income of no more than 135% of the FLP;
  • Have less than $9,230 in resources (bank accounts, stock, and bonds), or $14,600 for married couples; and
  • Have an annual income of less than $17,102, or $23,069 for married couples.

    To qualify for partial low-income subsidies, applicants must meet the following requirements:

  • Have a total income of between 135-150% of the FLP;
  • Have less than $14,390 in resources (bank accounts, stock, and bonds), or $28,720 married couples; and
  • Have an annual income of less than $18,975, or $25,605 for married couples.

It is important to note than these dollar amounts include $1,500 for burial allowance per person. If an applicant or spouse have no intent to use burial or funeral arrangements, qualifying totals are reduced by $1,500.


Some individuals are automatically eligible for drug coverage subsidies and do not need to submit an application for assistance. These include:

  • Individuals eligible for both Medicare and Medicaid benefits (full-benefit dual eligible (FBDEs));
  • Supplemental Security Income (SSI) recipients, including those who do not qualify for Medicaid; and
  • Medicare beneficiaries who are participants in the Medicare Saving Programs.

    Eligibility under LIS may be denied if individuals:

  • Are not eligible for Medicare;
  • Failed to complete the application process;
  • Have an annual income exceeding 150% FPL;
  • Have total resources exceeding $14,390/28,720;
  • Are not a resident of the state;
  • Are not a resident of the United States; or
  • Are incarcerated.

C. Other Options for Individuals with Medicare

Connector Models

The Ohio Public Employees Retirement System (OPERS) is a public pension fund which offers health care coverage for retirees and eligible dependents. Coverage through the OPERS includes medical plans, prescription drug plans, dental plans, and vision plans. OPERS replaces Social Security.

The OPERS Connector is a service offered to Medicare Part A and B enrollees. The purpose of the Connector is to provide education, plan selection, enrollment, and advocacy pertaining to Medicare. OPERS offers assistance with selection of the most suitable Medicare plan based on an individual's lifestyle and financial needs.

Individuals who enroll through a Connector receive a monthly allowance through a Health Reimbursement Account (HRA), which can be used to pay for qualified medical expenses.

______________________________________________________________________


OHIO PROPERTY & CASUALTY AND PERSONAL LINES

Addendum: for use with Ohio Property & Casualty and Personal Lines online ExamFX courses and study guides version 24492en/24493en (P&C), and 24494en (PL) per exam content outline updates effective 07/01/2019.

The following are content additions to supplement your existing text unless otherwise indicated:

Property and Casualty Insurance Basics

D. Ohio Laws, Regulations and Required Provisions

Fire Loss – Treasury Certificate

If fire damage to a structure located within a municipal corporation or township results in a recoverable amount higher than $5,000, the insurer must be furnished with a certificate from the county treasurer. Upon the written request from the insured specifying the tax description of the property and the receipt of proof of loss, the county treasurer will provide the insurance company with one of the following certificates:

A treasury certificate stating there are no delinquent taxes, assessments, penalties, or charges against the property; or

  • A treasury certificate and bill showing the amounts of delinquent taxes, assessments, penalties, or charges against the property.
  • If a bill is issued with the certificate, the insurer must pay the delinquent amounts with insurance proceeds, prior to paying the claim.

If a certificate is issued and there are no outstanding charges, the insurer may pay the claim associated with the damaged structure. If the agreed upon loss exceeds 60% of the aggregate limits of liability on the fire policy, the insurer must:

  • Pay $2,000 for every $15,000 of the claim to a designated officer of the municipal corporation or township; or
  • Pay the amount specified in a contractor's estimate to a designated officer of the municipal corporation or township.

If funds are determined to be in excess of the estimate and the municipal corporation or township has not incurred any costs as a result of repairs, removal, or securing, the funds will be returned to the named insurance within 60 days of the designated officer receiving proof of completion.

If a building or other structure is insured through multiple companies, proceeds are paid on a pro rata basis.

3. Cancellation and Nonrenewal

Personal Policy Cancellation

If the cancellation of a personal lines insurance policy is for nonpayment of premium, a notice of cancellation must be mailed to the insured at least 10 days prior to the cancellation. Notice of cancellation for nonpayment of premium may be included with a billing statement. Cancellation may occur on or after the due date of the bill, as long as the insured has been alerted in the required time frame.

Insurance Regulation

B. State Regulation

6. Insurance Information Privacy

Cyber Security

Cyberattacks are an alarming and ongoing threat, often resulting in the theft of sensitive consumer financial and health information, repair costs to hardware and software, litigation costs, and damage to a company's reputation. This has led to increasing calls for legislation and regulation for enhanced cybersecurity measures to address the numerous risks posed by a cyberattack.

An insurer's Information Security Program must be designed to do the following:

  • Protect the security and confidentiality of nonpublic information and the security of the information system;
  • Protect against any threats or hazards to the security or integrity of nonpublic information and the information system;
  • Protect against unauthorized access to or use of nonpublic information, and minimize the likelihood of harm to any consumer; and
  • Define and periodically reevaluate a schedule for retention of nonpublic information and a mechanism for its destruction when no longer needed.

Training and Monitoring

As part of a cybersecurity program, insurers must designate one or more employees who are responsible for the information security program, as well as identify foreseeable internal or external threats that could result in an unauthorized access, transmission, disclosure, misuse, alteration, or destruction of nonpublic information, including information accessible to, or held by, third-party service providers. In addition, insurers must provide employee training and management, and implement safeguards to manage threats and assess the effectiveness of the safeguards' systems and procedures at least annually.

Insurers must submit a written statement to the Superintendent of Insurance by February 15th of each year, unless otherwise specified. The statement must certify that the insurer is in compliance with state cyber regulations.

Investigation of Events

In the event a cybersecurity event has occurred, a licensee, an insurer or third-party service provider must conduct a prompt investigation. This investigation must include:

  • A determination whether a cybersecurity event has occurred;
  • An assessment of the nature and scope of the cybersecurity event;
  • Identification of nonpublic information involved; and
  • Overseeing of reasonable measures to restore the security of the information system to prevent future cybersecurity events.

Licensees must maintain records concerning all cybersecurity events for a period of at least 5 years from the date of the cybersecurity event and must produce those records upon demand of the Superintendent of Insurance.

Exemptions

The following are exempt from cybersecurity regulations:

  • Insurers that have fewer than 20 employees;
  • Insurers with a gross annual income less than $5,000,000;
  • Insurers with less than $10,000,000 in assets at the end of the licensee's fiscal year; or
  • Employees, agents, representatives, independent contractors, or designees of an insurer.

If a previously exempt insurer no longer qualifies for an exemption, the insurer may continue business without an Information Security Program for no more than 180 days. After this period has elapsed, the insurer must comply with state cyber requirements.

Definitions

Cybersecurity Event: any effort to obtain unauthorized access to an information system or nonpublic information stored on the information system. Cybersecurity events do not include instances in which acquired nonpublic information is returned, destroyed, or not used.

Encrypted: transformation of data to obscure meaning without the use of a protective process or key.

Information System: an organized system that collects, maintains, and transmits electronic nonpublic information.

Nonpublic Information: any business-related information that is not publicly available information that if misused could jeopardize a covered entity's security and operations; any personally identifiable information (such as social security number, driver's license, or credit card numbers); and any information (other than age and gender) related to health care.

Multi-Factor Authentication: authentication through verification of at least two factors:

  • Knowledge factor, such as a password;
  • Possession factors, such as a token or text message on a mobile phone; or
  • Inherence factors, such as a biometric characteristic.

Publicly available information: information lawfully available to the general public from federal, state, or local government records, distributed media, or disclosures required by federal, state, or local law. Information may be considered publicly available if an insurer determines it's of the type available to the public and the consumer has not denied making it public.

Risk Assessment: evaluation of potential risks to the privacy of nonpublic information.

Third-party Service Provider: contracted person other than an insurer who is permitted to access nonpublic information for the purposes of maintaining, processing, or storing information.