ACA filings without the panic.
Affordability, penalty exposure, and IRS AIR submission — all in one platform. From HRIS upload to IRS-accepted 1095-Cs in days, not weeks.
IRC §414, §4980H, §6056
30+ Data Models
CA, NJ, MA, RI, VT, DC
6 State Filings
AES-256-GCM Encryption
MFA-Enforced Access
One platform for complete ACA compliance
Import data, validate compliance, generate forms, and file with the IRS — all in one workflow.
Compliance Dashboard
Real-time compliance monitoring with penalty exposure, offer rates, and filing status at a glance.
Six engines. One workflow.
Most ACA tools wrap a thin UI over a spreadsheet. We built the actual regulations as code.
Data Hub
Drop your CSVs — demographics, payroll, benefits, W-2s. Client-side parsing, per-row validation, and Excel-aware templates.
Compliance Engines
ALE determination, measurement periods, ACA codes, affordability safe harbors, penalty calculations — all built to the letter of §4980H.
IRS-Accurate Forms
Real IRS PDF blanks with pixel-correct overlays. 1094-C and 1095-C forms that match the IRS schema byte-for-byte.
Federal & State Filing
IRS AIR e-filing plus 6 state mandates (CA, NJ, MA, RI, VT, DC). One workflow for every jurisdiction.
Employee Distribution
Print, mail, email, or secure-link delivery. Consent-aware distribution with full audit trail.
Risk Dashboard
Real-dollar penalty exposure, not vague badges. See §4980H(a) and (b) risk by employee and month.
Security First
AES-256-GCM encryption, MFA enforcement, row-level tenant isolation, and append-only audit logs.
Multi-Client Mode
Manage 20 clients without 20 logins. Keyboard-first navigation with sub-second tenant switching.
Built for precision. Designed for clarity.
Every screen is purpose-built to make ACA compliance straightforward.
Affordability Heatmap
Per-employee, per-month affordability against the active safe harbor. Green months pass §4980H(b); amber/red months indicate exposure risk.
Data Center
Import, validate, and reconcile employee data from HRIS, Payroll, and Benefits systems with real-time completeness tracking.
Employee Delivery
Multi-channel 1095-C distribution with consent tracking, audit logs, and delivery status for every employee.
1095-C Preview
IRS-accurate form preview with employee data, employer information, and monthly coverage details.
Built for the people who actually do the work
Whether you're running compliance in-house or managing clients, Lhodium fits your workflow.
HR Directors
Get a stable, defensible filing without becoming an ACA expert. Focus on people, not paperwork.
Benefits Managers
Model affordability across plan options and headcount changes. Validate before you file.
CFOs & Controllers
§4980H penalty exposure as a real-dollar risk line. Know your exposure before the IRS does.
Compliance & Legal
Audit trail for every action. Safe-harbor elections applied correctly. Evidence, not assumptions.
Benefits Consultants
Manage dozens of clients from one login. Cross-tenant access with auditable scope.
Why Lhodium?
Built for the gap between "we'll just use a spreadsheet" and "let's hire a Big Four firm."
| Feature | Spreadsheets | Payroll Add-ons | Big-Four | Lhodium |
|---|---|---|---|---|
| Real engine implementations of §4980H | partial | |||
| Look-Back Measurement Method | sometimes | |||
| Controlled-group aggregation | ||||
| ICHRA affordability against LCSP | ||||
| Self-service data import | manual | |||
| State filing matrix (6 states) | limited | |||
| AES-256-GCM PII encryption | varies | |||
| Append-only legal audit trail | rare | |||
| Multi-client / consultant mode | ||||
| Per-month penalty exposure dashboard | rare | |||
| Pricing predictability | ||||
| Time to first filing | weeks | weeks | months | days |
Security & Compliance
Built for PII. Designed for audits. Every customer asks about security — here are the answers.
AES-256-GCM Encryption
SSNs and MFA secrets encrypted at rest via pluggable Key Provider interface (env, file, or KMS).
MFA Enforcement
TOTP-based MFA with email-OTP fallback. Bcrypt password hashing. 15-minute session timeout.
No Plaintext SSN
SSN reveal endpoint is audit-logged on every call. PII never crosses the wire in plaintext.
Tenant Isolation
Row-level security policies. Every query scoped to tenant. Cross-tenant access explicitly audited.
Append-Only Audit Trail
Every mutation logged with userId, IP, timestamp, before/after values. Terms acceptance is immutable.
SOC 2-Aligned
Helmet-hardened HTTP headers, rate limiting, TLS 1.2+ enforced. US-only data residency.
Regulatory Coverage
See your penalty exposure in 10 minutes
Jump straight into the platform or reach out and we'll walk you through it — no generic sales pitch, ever.
Free migration from your previous vendor. Pricing predictability included.