How it works
Built so a single plan administrator — usually doing benefits as part of a wider HR or finance role — can satisfy ERISA without hiring a team.
Our process
Built for the busiest plan administrator in the company — usually one person at the SMB / mid-market scale, doing benefits as part of a wider HR or finance role.
First 10 minutes
Tell us your company name, employee count, and which PBM(s) you use. Name your Primary fiduciary, up to two Delegates, and a Backup. Drop in your most recent PBM contract — we extract every pricing term automatically. That's onboarding. One time.
Each month, ~5 min
Drop in the claims file your PBM gave you (CSV, XLSX, EDI 835, NCPDP, even PDF). Within ~10 minutes, we benchmark every line against NADAC + WAC and your contract terms, score each claim, and flag the disputable ones at ≥85% confidence.
Each month, ~7 min
Three buttons per flagged claim: include, defer, dismiss with reason. Then upload any responses your PBM sent you last cycle — our AI classifies each one (accepted / partial / denied / no response). PlanLedger drafts the next escalation when a window expires.
Each month, ~3 min
Your named Primary clicks ‘I certify I performed this monthly fiduciary review’ — capturing e-signature, IP, user agent, content hash, and ERISA §404(a)(1)(B) attestation language. The cycle is sealed in the ledger. The Fiduciary Package is ready to download.
The first 90 days
Day 0 · onboarding (10 min, one time)
Sign up with Clerk. Pick your PBM(s). Name your Primary, Delegate(s), and Backup. Drop in your PBM contract. We extract every pricing term automatically and create your inbound channel.
Day 1–4 · first analysis (10 min total)
Upload last month's claims file. Within ~10 minutes you have your first AI-flagged dispute list. Export the per-PBM Dispute Pack. File it the way your PBM requires (portal, fax, email, mail). Done.
Day 30 · first monthly cycle
Email reminder hits the Primary. Open the monthly task. Upload claims, review flags, clear last month's responses. The Primary signs off. The cycle is sealed.
Day 90 · first quarter sealed
Three closed cycles. Three Fiduciary Packages on file. Your first quarterly review is a one-click PDF instead of a frantic week of evidence-gathering.
Year 1 · steady state
Twelve cycles. Twelve packages. A continuous, court-defensible record of fiduciary diligence. Renewal, audit, broker review, plan participant inquiry — all answered in seconds.
Our solution
We document the duty. We flag the disputes. You stay in control of every PBM interaction — and you walk away with proof.
Every action — every claim file uploaded, every dispute flagged, every PBM response classified, every Primary sign-off — is appended to a per-tenant, hash-chained, KMS-signed ledger. Tamper-evident by construction. Anyone can verify a record with a public key.
Every claim is benchmarked against NADAC and WAC, evaluated against your contract's pricing terms, and scored for dispute-worthiness. Powered by AWS Bedrock Claude inside the HIPAA bubble — your PHI never leaves your AWS region.
At any moment — not only at quarter-end — your plan administrator downloads the PlanLedger Fiduciary Package PDF: ledger excerpt, 3-step proof bundle, ERISA 6-obligation snapshot, and an openssl verification recipe. Hand it to the DOL. Hand it to plaintiff's counsel.
We never log into a PBM portal. We never store your PBM credentials. You drag and drop your monthly file (or set up a one-time SFTP feed). The PBM never knows we exist — and your contract is never at risk.
When your PBM stalls, PlanLedger drafts the formal §204 data request, tracks the statutory response window, and queues the DOL/EBSA escalation if the deadline passes. You sign and send. We document.
Our published no-scrape attestation, BAA index, subprocessor list, and KMS public verification key are at planledger.io/trust — so your auditor, your broker, and your participants can independently verify our posture. No NDA required.
A note on what we deliberately left out
PlanLedger has one job: to be the system of record for your fiduciary duty. Anything else competes with the 15-minute promise.
We do not log into any PBM portal.
Their Terms of Service prohibit it. We will not put your contract at risk.
We do not store PBM credentials.
We never collect them. There is nothing to leak.
We do not send more than 4 emails per cycle.
Hard cap. Notifications anchor to actual claim-window deadlines, not arbitrary dates.
We do not take a cut of your recoveries.
$5 PEPM, flat. Your recovered dollars are yours. Our incentive is your ledger, not your dispute outcome.
Get started
Free for 30 days. One full Compliance Task on the house. No credit card. Your data is yours forever, even if you cancel.