Back to Bills

Health Plan Data Transparency Act

Full Title:
Health Data Access, Transparency, and Affordability Act of 2026

Summary#

This bill would change ERISA rules so employer-sponsored group health plans can get full claims and encounter data from their service providers. It requires contracts to allow plan fiduciaries and their agents fast access to payment data, pricing terms, audit rights, and supporting documents. The stated goal is to increase transparency so plans can review payments, detect errors or fraud, and better understand pricing and quality.

  • Main change: Contracts between group health plans and network service providers must let plan fiduciaries or their designated agents access all claims/encounter data, supporting documentation, pricing formulas, and audit rights.
  • Data standards: Claims and payment files must be provided in standard electronic formats (for example, X12 837 for claims and X12 835 for payment notices) and non-claim costs must be available in real time via portal, API, or CSV.
  • Privacy rule: Data disclosures must follow HIPAA privacy and security rules.
  • Enforcement: The Labor Secretary may fine violators up to $10,000 per day. Contract terms that block access or indemnify vendors against such penalties are void.
  • Attestation: Plans and issuers must annually certify to the Secretary that required price and quality information is available and not contractually restricted. They cannot hire a vendor to submit that certification for them.
  • Timing: Rules apply for plan years starting one year after the bill becomes law.

What it means for you#

  • Plan fiduciaries, plan sponsors, and plan administrators (employers):

    • Must be allowed direct access to all claims and encounter data and supporting payment documents from their vendors.
    • Can require daily or near-daily data and can choose auditors and audit frequency.
    • Must submit an annual attestation to the Secretary about availability of price and quality information. If they cannot get the information, they must explain why and show efforts to obtain it.

  • Network service providers (TPAs, insurers, PBMs, provider networks, intermediaries):

    • Must provide unmodified claims and payment files in standard electronic formats at no cost to the plan.
    • Must provide itemized non-claim costs in real time via portal, API, or downloadable CSV.
    • Cannot include contract terms that delay, limit, or hide pricing formulas, payment calculations, overpayment recovery terms, or bar audits.
    • Could face civil penalties up to $10,000 per day for violations, and cannot be indemnified by contracts against certain penalties.

  • Healthcare providers:

    • The bill clarifies that a health care provider is not a “network service provider” just for delivering care. Providers must still send claims in standard electronic formats; if they send paper claims, those must be converted for the plan.

  • Department of Labor / Secretary:

    • Gains authority to enforce access rules and to write implementing rules by notice-and-comment rulemaking.
    • May assess civil penalties for violations.

  • Health plan members / patients:

    • The bill does not change coverage rules directly. It could indirectly affect plan oversight, pricing, and fraud detection, which may affect costs or services in the long run.
    • Any data sharing must comply with HIPAA privacy and security rules; the bill does not create a new patient authorization process.

Expenses#

No publicly available information.

  • The bill creates potential administrative and IT costs for plans and service providers to provide data in specified standard formats and to build portals/APIs.
  • The Department of Labor may incur enforcement and rulemaking costs to implement and monitor compliance.
  • Civil penalties (up to $10,000 per day) could impose large financial exposure for entities found in violation.
  • Removing contract indemnities could increase legal and insurance costs for some service providers.
  • Any savings from better plan negotiation or fraud recovery are not estimated in the bill text.

Proponents' View#

  • The bill appears intended to remove “gag clauses” and ensure plans can see the same claims and payment data that their vendors and providers see.
  • Supporters may argue this could improve plan oversight by enabling audits, quicker detection of billing errors or fraud, and clearer understanding of pricing and payment methods.
  • The bill could be seen as strengthening plan fiduciaries’ ability to control costs and protect plan participants by making pricing terms and payment formulas accessible.
  • Requiring standard electronic formats and real-time access may be seen as reducing barriers to using data for cost control and quality measurement.

Opponents' View#

  • One concern is that the bill may impose significant IT, administrative, and compliance costs on service providers and plans to deliver daily, standardized data and build portals or APIs.
  • The bill requires disclosure of pricing formulas and payment methodologies; this may conflict with vendors’ claims of proprietary information and could affect commercial negotiations.
  • Although the bill requires HIPAA-compliant disclosures, it is unclear how de-identification and patient privacy will be handled in all situations. The text does not fully explain when data must be de-identified vs. when protected health information may be shared.
  • The daily-access and audit requirements could disrupt existing contractual relationships and increase litigation risk, especially given the high per-day civil penalty.
  • The bill applies to group health plans under ERISA; it is unclear how it affects fully insured plans not covered by ERISA, small-employer plans, or state-regulated plans.