What is a TPA?
TPA stands for Third Party Administrator and refers to a company that provides operational services such as claims processing and employee benefits management under contract to another company. Insurance companies and self-insured companies often outsource their claims process to third parties (TPAs).
What are the compliance guidelines for TPAs?
New guidelines were recently (2022) prepared by the Employee Benefits Security Administration to create a comprehensive list of best practices for TPA’s. These guidelines are for use by record keepers, plan-related IT systems and data, and plan fiduciaries who operate with third party administrators.
Cybersecurity Program Best Practices
(via Employee Benefits Security Administration | United States Department of Labor)
You can view the full PDF of guidelines here.