Beginning in early 2016, Section 6055 of the Affordable Care Act (ACA) requires employers, plan sponsors and/or insurers to send annual reports to employees and the IRS identifying all individuals, including dependents, receiving health coverage. The 2016 reports will reflect what took place in 2015, so employers and plan sponsors need to obtain information, including Taxpayer Identification Numbers (Social Security numbers), for employees and dependents who had health coverage during any of the months from January through December 2015.

Over half of respondents to a recent International Foundation ACA survey found the process of collecting dependents’ Social Security numbers somewhat, very, or extremely challenging.


Who reports under Section 6055?

Any entity that offers minimum essential coverage to its employees, members or participants must report under Section 6055. For employers in multiemployer (Taft-Hartley) plans, the plan sponsor (the board of trustees) is responsible for this reporting. The insurance company does the 6055 reporting for plans that are fully insured.

What is reported under Section 6055?

Among other things, names and Social Security numbers of all individuals receiving minimum essential coverage, including any spouses and/or dependents receiving coverage. Social Security numbers of spouses and dependents not receiving coverage do not need to be reported.

If the plan sponsor cannot obtain a covered individual’s Social Security number, that person’s date of birth may be used instead, as long as the reporting entity makes a reasonable effort to obtain the Social Security number. A plan sponsor should make a reasonable effort in order to avoid penalties for incomplete or incorrect reporting.

[Preparing for the ACA Cadillac Tax—Watch On Demand] 

What is a reasonable effort to obtain a Social Security number?

IRS Notice 2015-68 states a reporting entity will not be subject to penalties for failure to report a correct Social Security number for 2015 coverage if it follows these steps:

  1. Request the Social Security number at an individual’s first enrollment in health coverage or, if already enrolled on September 17, 2015, at the next open season.
  2. Make a second request at a reasonable time thereafter.
  3. Make a third request by December 31 of the year following the first request.

If these steps are followed, the reporting entity may use the individual’s date of birth instead. If the reporting entity cannot obtain even the date of birth, the IRS will not impose reporting penalties for 2015 on entities that show they have made good faith efforts to comply with the reporting requirements. The 2015 relief also applies to incorrect or incomplete information reported on a return or statement, including Social Security numbers and dates of birth.

What about someone who no longer receives health coverage?

A reporting entity does not have to request a Social Security number from an individual whose coverage is terminated.

Is there model language to request a Social Security number?

The IRS has not supplied model language for requesting an individual’s Social Security number specifically for this purpose. However, a health care provider or employer might consider sending IRS Form W-9 to an individual. This is a standard form used to submit a Social Security number to an entity that requests it.

There has been some debate on whether a letter soliciting an individual’s Social Security number must mention a possible $50 fine from the IRS for failing to provide the information. (See Kilpatrick Townsend Health & Welfare Blog by Mark Stember, “Soliciting SSNs for Information Reporting Requirements.“)

Would you like to make suggestions to the IRS on the reasonable good cause rules?

If so, you must act quickly. The IRS is requesting public comments by November 16, 2015, on applying the reasonable good cause rules under Internal Revenue Code Section 301.6724-1(e) to ACA-related Social Security number solicitation and reporting. Comments should be submitted to Please include “Notice 2015-68” in the subject line of any electronic communications.


IRS Notice 2015-68

IRS Questions and Answers on Information Reporting by Health Coverage Providers (see especially questions 3, 16, 17 and 18)

March 2014 Final Regulations (Information Reporting of Minimum Essential Coverage)

2015 Forms and Instructions:

Form 1094-B Transmittal of Health Coverage Information Returns
Form 1094-C Transmittal of Employer-Provided Health Insurance Offer and Coverage Information Returns
Form 1095-B Health Coverage
Form 1095-C Employer-Provided Health Insurance Offer and Coverage
Instructions for Forms 1094-B and 1095-B
Instructions for Forms 1094-C and 1095-C

Lois Mathis-Gleason, CEBS
Manager, Reference/Research Services at the International Foundation



Lois Gleason, CEBS

Manager, Reference/Research Services at the International Foundation

Favorite Foundation service/product: The Employee Benefits Survey (conducted every few years; it is very comprehensive)

Benefits-related topic top picks: Affordable Care Act, multiemployer pension plans

Favorite Foundation conference moment: Working the bookstore/information center at the Employee Benefit Symposium and meeting our members

Personal Insight: When she’s away from work, Lois likes to dive into 19th century Brit lit novels by Dickens, Eliot, Hardy and the Bronte sisters. These works are spicy and action-packed when compared to the employee benefit rules and regulations she reviews all day.

1 Comment

  1. bwhite21

    The flip side of this issue is what needs to be done to protect individuals whose social security numbers are the subject of a data breach. No business or government entity is immune from data breaches. Data breach notification laws are outdated when it comes to social security number breaches. Unlike bank accounts, SSNs cannot be changed. The breach of SSN is a lifetime breach which exposes financial and healthcare records of the victim, his/her family, and business associates. The new law will only compound the problem. There should be significant penalties against those businesses/entities who suffer a breach of SSNs to encourage them to have high level protection for SSNs. Better still would be substitute IDs for SSNs which the govt could convert. Statute of limitations should be tolled until there is actual damage following a breach involving SSNs. While hacking is more common, most breaches are due to simple employee error of malfeasance, rather than sophisticated attacks. The one year free account monitoring following a breach involving SSNs is a farce, particularly as breach data is often resold after a year. This is a very large accident waiting to happen which the govt is just adding to.

Comments are closed.

Recommended Posts

Educating DC Plan Participants for the Long Hike to Retirement

Kathy Bergstrom, CEBS

Many years ago, I visited Grand Canyon National Park with my mom and aunt. It was unseasonably hot, but I wanted to walk down into the canyon on the Bright Angel Trail. My companions were not up for the hike, so I […]

Building and Designing for DEI: Creating Employee Benefits That Work for All

Guest Contributor

Benefits Magazine Extras articles provide you with bonus content on a mix of benefits topics as well as deep dives and analyses on the latest benefit trends and compliance issues. Foundation members can visit to view the full bimonthly print edition of the magazine.  Global […]