SECURITIES AND EXCHANGE COMMISSION
WASHINGTON, D.C. 20549
ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the fiscal year ended
TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the transition period from to
Commission file number
(Exact Name of Registrant as Specified in its Charter)
(State or Other Jurisdiction of Incorporation or Organization)
(I.R.S. Employer Identification No.)
(Address of Principal Executive Offices)
(Registrant’s Telephone Number, Including Area Code)
Securities registered pursuant to Section 12(b) of the Act:
Title of each class
Name of each exchange on which registered
Securities registered pursuant to Section 12(g) of the Act: None
Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes No
Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act. Yes No
Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes No
Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§ 232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files). Yes No
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer”, “smaller reporting company” and “emerging growth company” in Rule 12b-2 of the Exchange Act. (Check one):
Smaller reporting company
Emerging growth company
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.
Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report.
Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). Yes No
As of September 30, 2021, the aggregate market value of the registrant’s voting and non-voting common equity held by non-affiliates was $
Number of shares of common stock outstanding on May 16, 2022:
Portions of the registrant’s definitive proxy statement for the registrant’s next Annual Meeting of Stockholders are incorporated by reference
into Part III of this Annual Report on Form 10-K.
TABLE OF CONTENTS
Cautionary Notice Regarding Forward-Looking Statements
This Annual Report on Form 10-K contains “forward-looking statements” within the meaning of federal securities laws. Any statements made in this Annual Report that are not statements of historical fact, including statements about our beliefs and expectations, are forward-looking statements. Forward-looking statements include information concerning possible or assumed future results of operations, including descriptions of our business plans and strategies, and our expectations, estimates and beliefs concerning matters that are not historical facts, including with respect to the UHG Transaction (as defined below). These statements often include words such as “anticipate,” “expect,” “suggest,” “plan,” “believe,” “intend,” “estimate,” “target,” “project,” “should,” “could,” “would,” “may,” “will,” “forecast,” “outlook,” “potential,” “continues,” “seeks,” “predicts,” and the negatives of these words and other similar expressions. Although we believe that these forward-looking statements are based on reasonable assumptions, you should be aware that factors affecting our actual financial results could cause actual results to differ materially from those expressed in the forward-looking statements, including those described below.
Summary of Material Risks
Our actual results may differ significantly from any results expressed or implied by any forward-looking statements. A summary of the principal risk factors that make investing in us risky and might cause our actual results to differ is set forth below. The following is only a summary of the principal risks that may materially adversely affect our business, financial condition and results of operations. Factors that could materially affect our financial results or such forward-looking statements include, among others, the following factors:
•the inability to complete the transactions contemplated by the Agreement and Plan of Merger (“UHG Agreement”) dated as of January 5, 2021 by and among Change Healthcare Inc., UnitedHealth Group Incorporated (“UnitedHealth Group”) and UnitedHealth Group’s wholly owned subsidiary Cambridge Merger Sub Inc. (the “UHG Transaction”) due to the failure to satisfy the conditions to the completion of the UHG Transaction, including that a governmental entity may prohibit, delay or refuse to grant approval for the consummation of the UHG Transaction. See Note 24;
•risks related to disruption of management’s attention from business operations due to the UHG Transaction;
•the effect of the announcement of the UHG Transaction on our operations, results and business generally;
•the risk that the UHG Transaction will not be consummated in a timely manner, exceeding the expected costs of the UHG Transaction;
•the occurrence of any event, change or other circumstances that could give rise to the termination of the UHG Agreement;
•macroeconomic and industry trends and adverse developments in the debt, consumer credit and financial services markets;
•uncertainty and risks related to the impact of the coronavirus (“COVID-19”) pandemic (including the rise of COVID-19 variant strains such as the Delta and Omicron variants) on the national and global economy, our business, suppliers, customers, and employees;
•our ability to retain and recruit key management personnel and other talent (including while the UHG Transaction is pending);
•our ability to retain or renew existing customers and attract new customers;
•our ability to connect a large number of payers and providers;
•our ability to provide competitive services and prices while maintaining our margins;
•further consolidation in our end-customer markets;
•our ability to effectively manage our costs;
•our ability to effectively develop and maintain relationships with our channel partners;
•our ability to timely develop new services and improve existing solutions;
•our ability to deliver services timely without interruption;
•a decline in transaction volume in the United States (U.S.) healthcare industry;
•our ability to maintain our access to data sources;
•our ability to maintain the security and integrity of our data;
•our reliance on key management personnel;
•our ability to manage and expand our operations and keep up with rapidly changing technologies;
•the ability of our outside service providers and key vendors to fulfill their obligations to us;
•risks related to our international operations;
•our ability to protect and enforce our intellectual property, trade secrets and other forms of unpatented intellectual property;
•our ability to defend our intellectual property from infringement claims by third parties;
•government regulation and changes in the regulatory environment;
•changes in local, state, federal and international laws and regulations, including related to taxation;
•economic and political instability in the U.S. and international markets where we operate;
•the economic impact of escalating global tensions, including the conflict between Russia and Ukraine, and the adoption or expansion of economic sanctions or trade restrictions;
•litigation or regulatory proceedings;
•losses against which we do not insure;
•our ability to make acquisitions and integrate the operations of acquired businesses;
•our ability to make timely payments of principal and interest on our indebtedness;
•our ability to satisfy covenants in the agreements governing our indebtedness;
•our ability to maintain our liquidity;
•the potential dilutive effect of future issuance of shares of our common stock, par value $.001 per share (our “common stock”); and
•the impact of anti-takeover provisions in our organizational documents and under Delaware law, which may discourage or delay acquisition attempts.
You should carefully consider the statements under Item 1A. Risk Factors and other sections of this report, which describe factors that could cause our actual results to differ from those set forth in the forward-looking statements.
Our forward-looking statements made herein speak only as of the date on which made. We expressly disclaim any intent, obligation or undertaking to update or revise any forward-looking statements made herein to reflect any change in our expectations with regard thereto or any change in events, conditions or circumstances on which any such statements are based. All subsequent written and oral forward-looking statements attributable to us or persons acting on our behalf are expressly qualified in their entirety by the cautionary statements contained in this report.
ITEM 1. BUSINESS
Change Healthcare Inc. (the “Company”, “our” or “we”) is a leading healthcare technology company, focused on accelerating the transformation of the healthcare system through the power of our Change Healthcare platform. We provide data and analytics-driven solutions to improve clinical, financial, administrative, and patient engagement outcomes in the U.S. healthcare system.
Our platform and comprehensive suite of software, analytics, technology enabled services and network solutions drive improved results in the complex workflows of healthcare system payers and providers by enhancing clinical decision making, simplifying billing, collection and payment processes, and enabling a better patient experience.
Our network, one of the strongest clinical and financial healthcare networks in the U.S., was created to facilitate the transfer of data among participants. With insights gained from our experience, applications and analytics portfolio, and our services operations, we have designed analytics solutions that include trusted, industry-leading franchises supported by extensive intellectual property and regularly updated content.
In addition to the advantages of scale, we offer the collaborative benefits of an important partner to the healthcare industry. We seek to establish and develop enduring relationships with each customer through solutions that deliver measurable results for their complex daily workflows. Our customer retention rate for our top 50 provider and top 50 payer customers was 100% for the fiscal year ended March 31, 2022. We believe our presence throughout the healthcare ecosystem help make us a preferred partner for technology companies and industry associations focused on driving innovation, standardization, and efficiencies in the healthcare industry.
Our solutions play an important role in the following areas of the healthcare system:
The U.S. healthcare system is undergoing massive changes at an unprecedented rate. Our mission is to help accelerate its transformation to a value-based care system from which everyone benefits. We deliver solutions and products that help increase efficiency, improve outcomes, and enhance consumer engagement throughout the consumer healthcare journey. That journey has three major stages:
•The Pre-Visit, which includes provider selection, scheduling an appointment, ensuring coverage and pre-authorization, medical record sharing and review, and understanding required payments.
•The Visit (or visits), during which financial clearance is provided, imaging and other clinical activities are managed, and medical necessity is ensured.
•The Post-Visit, which typically requires the resolution of payment, claims remittance and processing, and on-going patient engagement. This stage is increasingly important today as the industry moves toward value-based care and payment models.
Our mission to accelerate transformation of the healthcare system requires us to support all three stages with solutions that address the clinical, financial, and engagement requirements of the journey.
Our analytics-driven solutions are designed to improve delivery of care through better clinical decision-making, and to simplify billing and payment functions by reducing administrative errors and improving documentation. In addition, we seek to improve payers’ and providers’ relationships with consumers by offering solutions that enable price transparency and empower their decision-making and support. We believe that our solutions enable our customers to operate more efficiently and cost effectively. Our solutions have generated measurable financial and operational return on investment, improved quality of care, and a better patient experience.
We have a consistent track record of innovation. Our robust network connectivity and open Application Programming Interfaces (“API”), combined with our use of Artificial Intelligence (“AI”) and Machine Learning (“ML”), enables us to regularly improve our solutions and uncover new insights as our customers’ needs evolve.
Our ability to innovate is supported by approximately 1,600 technology professionals including PhDs, masters-level health policy experts, design professionals, data scientists, programmers and statisticians in our research and development centers located in key markets. We believe that our reach across the healthcare ecosystem and our history of commercializing innovations positions us to be a preferred partner for customers and leading healthcare and technology companies.
We believe we are well positioned for growth across the markets we serve. Our growth strategy is to increase the breadth and depth of our capabilities. We continue to increase our business with a strong base of long-standing customers by expanding our enterprise relationships and positioning them for success in their markets. Our comprehensive end-to-end solutions can reduce the complexity of our customer’s environments, yet are modular to meet their specific needs. We believe we are in the early stages of growth related to these opportunities.
Examples of our new product development include:
•Care Cost Estimator API: Utilizes Change Healthcare's clearinghouses and relationship with payers to determine patient eligibility, copay, coinsurance and deductible status, and return an accurate, personalized patient obligation estimate.
•Stratus Imaging PACS: Utilizes cloud-native architecture to allow radiology practices to build customized workflows and easily adopt new functionality that will provide long-term efficiency benefits.
•InterQual® 2021: Provides clinical decision support guidance on caring for COVID-19 patients, addressing social determinants of health, and the appropriate use of telehealth.
•Dual Eligibility Advocate: Optimizes payer revenue and member satisfaction by helping members obtain and retain added benefits through dual eligible enrollment.
•Coordination of Benefits: Delivers savings to payers through both cost avoidance and overpayment recovery by using AI to identify primary coverage from both Medicare and commercial plans
•ASAM Criteria Powered by InterQual: Integrates into existing care-management workflows, reduces the time required for substance use disorder (SUD) patient assessments, increases consistency, and streamlines the prior-authorization process using industry-standard criteria developed through an exclusive partnership with the American Society of Addiction Medicine (ASAM).
•Change Healthcare – Zasti Collaboration to Reduce Carbon Emissions from the Healthcare Industry: Enables providers to measure and benchmark their carbon footprint by leveraging AI to analyze individual procedures and bills of materials.
•Change Healthcare – Luma Partnership: Utilizing Luma Health's KLAS-recognized Healthcare Engagement Engine™ alongside Change Healthcare’s proven revenue cycle capabilities to create new patient engagement solutions that seamlessly connect every touchpoint across the patient journey.
We compete in the market for data and analytics-driven solutions that help ensure clinically appropriate care, increase efficiency and reduce waste in the healthcare industry. We believe the following trends impacting payers, providers and consumers represent a significant opportunity for us.
Wasteful spending amidst rising costs in the U.S. healthcare system.
Research cited by the Journal of the American Medical Association estimates that the cost of waste in the U.S. healthcare system ranged from $760 billion to $935 billion, accounting for approximately 25% of total healthcare spending in 2019. Examples of waste include failure to adhere to best care practices and lack of care coordination, which leads to unnecessary readmissions and inappropriate levels of care delivery. Wasteful spending includes significant variation among providers in the cost and quality of similar care from provider to provider, and market to market (not explained by geography alone), and also includes overtreatment, which is testing and care that is not medically beneficial.
Additionally, the U.S. healthcare system relies on many inefficient processes that are manual, complex, frequently changing, time consuming, prone to error, costly, and requiring undue amounts of clinicians’ and other professionals’ time. In addition, improper payments, according to the Office of Management and Budget, represented approximately 6% of all Medicare Fee-for-Service and 22% of Medicaid payments in 2021. Such improper payments and fraudulent billing create costly and labor-intensive follow-up. According to the Centers for Medicare & Medicaid Services (“CMS,”) U.S. healthcare spending is expected to grow from $4.1 trillion in 2020 to $6.2 trillion by 2028, accounting for approximately 20% of U.S. gross domestic product. This implies that healthcare spending is increasing at a 5.4% annual growth rate. Given the significant and lasting financial burden of ongoing rising costs and wasteful spending, government, commercial payers, and providers are increasingly focused on reducing costs attributable to administrative complexity and errors; excessive manual labor; and uncoordinated, unproductive, or ineffective processes. As a result, we expect continued strong demand for solutions that can aid in reducing waste, improving efficiency, and help ensure delivery of clinically appropriate and value-based care.
Healthcare system exposure to growing chronically ill and higher risk populations.
While the overall U.S. population is expected to increase 6.5% from 2022 to 2032, the population of adults age 65 and older is expected to increase 25.9% over the same period, according to the U.S. Census Bureau. As the country’s elderly population continues to grow, and the healthcare system serves more chronically ill and higher risk populations, providers and payers will need tools to onboard and manage these populations. These include the ability to deliver appropriate care for medically complex patients, and the ability to document risk and outcomes to attain the appropriate reimbursement rates associated with these populations.
Increasing prevalence of value-based care and alternative reimbursement models.
The traditional fee-for-service reimbursement model is viewed as having facilitated growth in healthcare spending beyond the value provided from additional services. In response, both public and private sectors are shifting towards alternative payment models that are designed to incentivize value and quality throughout an “episode of care” and the care continuum overall, which encompass most or all of the services provided to a patient to diagnose, treat, and manage a clinical condition before, during, and after care is delivered. In recent years, the U.S. Department of Health and Human Services (“HHS”) has set quality and value targets for certain Medicare value-based alternative payment models, and commercial payers are accelerating their focus in a similar fashion. These payment models require a high level of documentation, robust data, sophisticated payment attribution capabilities, and advanced
analytics that can adapt to new rules and goals to ensure compliance. Further, solutions seek to optimize the design, implementation, and monitoring of care delivery throughout an episode of care. Many payers and providers are still building the capabilities, expertise, and administrative processes to manage these changes adequately. They are increasingly partnering with third parties to demonstrate the achievement of the outcomes required under these value-based payment models, which require a fundamentally different skillset and toolset than what they have deployed historically.
Increasing patient financial responsibility and consumerism in healthcare.
As healthcare expenditures have continued to rise, employers and health plans have shifted costs to patients through increased adoption of high-deductible health plans. Enrollment in high deductible health plans with a savings option (HDHP/SO) has increased over the past six years, from 24% of covered workers in 2015 to 28% in 2021, according to the Kaiser Family Foundation. Increases in patient financial responsibility require providers to obtain payment from the patient before and after the point of care, which in turn requires more advanced billing and collection workflows. As providers become more consumer-oriented, they require increasingly sophisticated, dynamic, and personalized digital solutions, which generally necessitate scale for efficient implementation and cost-effectiveness. Likewise, as patient out-of-pocket costs continue to increase, they are becoming more quality- and cost-conscious consumers, likely to make more calculated decisions regarding their healthcare consumption. These empowered “healthcare consumers” are demanding price transparency, decision support, and access to medical records from their health plans to help them choose caregivers who deliver the highest quality care at the lowest price. Health plans are consequently partnering with third parties to provide their members with tools which enable them to assess quality and cost based on individual plan benefits. At the same time, providers seek to effectively communicate the quality and value of their services, determine patients’ upfront insurance eligibility, coverage, and ability to pay their portion of healthcare bills; and simplify the payment process to improve patient experience and satisfaction.
Proliferation of healthcare data.
The U.S. government funded almost $40 billion of incentive payments to healthcare providers between 2011 and July 2018 to adopt EHR technology. This has resulted in 80% of physicians and 96% of hospitals in the U.S. having certified EHR systems as of 2017, according to the Office of the National Coordinator for Health Information Technology (“ONC”). These EHRs, other digitized healthcare data, and the increasing amount of personal health data generated from smartphones, wearables, and other devices have generated unprecedented amounts of healthcare data in the U.S. However, healthcare data is often siloed and unstructured, and has historically been difficult for all constituents to understand and use in a timely manner. Both healthcare professionals and consumers increasingly demand tools and solutions that standardize the transfer and collection of data, as well as the ability to mine and analyze it for actionable insights. Advancements in ML, AI, and data science are making it easier to cost-effectively utilize data at scale, in real-time, to identify actionable insights that help improve outcomes and decrease cost. As healthcare data can be used more effectively, we expect that leading technology companies will increasingly seek partners who can effectively develop new software and analytics solutions to help payers and providers improve workflows and deliver higher quality care at lower cost to consumers.
Responding to the weaknesses exposed by the COVID-19 pandemic.
The COVID-19 pandemic disrupted our economy and nearly brought the healthcare system to its knees. It exposed and exacerbated weaknesses in the U.S. healthcare system’s clinical, financial, and technical infrastructure, including significant issues with clinical guidelines; patient access and capacity management; revenue stability; social determinants of health and care inequity; clinical data interoperability; telehealth coverage, access, and payment; staffing safety and remote work; contact tracing; gaps in value-based payment models and the impact on claims management; and, a safe and orderly return to normal. The pandemic highlighted the criticality of accelerating the transformation of the U.S. healthcare system by making it simpler, more accessible, more integrated and streamlined, and digitized for everyone.
As a provider of data and analytics-driven solutions for the U.S. healthcare system, we help embed our customers with their end-to-end daily workflows.
Our solutions support our customers’ core business functions, including member enrollment, patient access, treatment, documentation, reimbursement and payment, claims and financial management, and post-payment and communication. We believe our collaborative and comprehensive approach, combined with modular capabilities, is important to our customers’ ability to operate efficiently and cost-effectively. We earn the loyalty of our customers with solutions designed to help them meet clinical, financial, and operational objectives and improve their recurring and evolving processes.
Financial Platform Supported by Clinical Insight.
The Change Healthcare Platform is at the center of everything we do. Over the last year, we have increased the maturity of our platform, facilitated adoption of platform services, enabled new revenue opportunities, and driven time-to-market benefits for products across our portfolio. All of this is designed to help our customers innovate faster and more effectively.
Scale makes us a strong technology partner.
The ability of our solutions and network to fit within the workflows of our customers, and our breadth of industry relationships, position us to introduce best-in-class technologies to the healthcare industry at scale. Our customers take advantage of our innovations in AI, ML, robotic process automation (“RPA”), data science, and APIs to improve clinical, financial, and patient engagement outcomes. Our collaboration with technology leaders helps further broaden our scale with new, innovative solutions.
Modular and flexible solutions designed to serve a diverse, extensive customer base.
We deploy our solutions through complementary software and analytics, technology enabled services, APIs, and a network delivery model with the power to help customers improve revenue opportunities and reduce operational costs. At the same time, our solutions are modular and flexible, providing us with the ability to address a customer’s trajectory of needs with either point solutions or an end-to-end suite of services. In addition, we have the ability to deliver integrated solutions throughout our business.
Proven ability to serve the evolving needs of our customers with industry-leading solution franchises.
During fiscal year 2022, we added a number of new solutions to our business platform through new product development. As a long-time leader in healthcare data interoperability, we provide open APIs based on Fast Healthcare Interoperability Resources and other industry standards, which help us innovate with customers and partners across the industry. The ability to quickly and accurately sort through massive amounts of data from multiple sources and determine relevant patient information is crucial to outcomes. Our enterprise imaging solutions house more than 41 petabytes of imaging data and one billion exams through our systems. In that area, we continue to enhance the only cloud-native enterprise imaging solution in the market, helping customers modernize their workflow infrastructure, reduce capital and operating costs, improve care coordination across specialties, and speed accurate clinical decisions.
Data stewardship and security.
As the amount of data in healthcare grows and the ability to use that data becomes more essential to effective delivery, management, and administration, we expect data security to become increasingly important for our customers. Our history of delivering solutions while prioritizing data security and fidelity enables us to be the platform of choice for large customers and partners. We have multiple certifications on multiple offerings and we implement security procedures and policies informed by applicable law and recommended practices. We also aim to drive industry maturity through appointed leadership roles with HITRUST Alliance and Healthcare Information Security and Analysis Center.
Predictable revenue profile and attractive, scalable model.
We have an attractive operating profile given the predictable, recurring nature of a significant portion of our revenue combined with a scalable financial model. Our revenue is largely derived from recurring transactional, monthly subscription, and per-click formats, as well as contingency-based or long-term contracts. We continue to streamline costs and have instituted cost improvement initiatives throughout the organization. We believe our recurring revenue will provide us with increasing flexibility to allocate and deploy our capital.
Develop, augment and commercialize capabilities at scale.
We work closely with our customers to integrate our offerings into their workflows and business processes. We develop new products and services, partner with industry-leading companies and selectively acquire complementary technologies and businesses to enhance our offerings. We introduce solutions through one of three methods: (i) internal development based on feedback from our customers, partners, and the analytical capabilities of our platform and suite of solutions, (ii) commercial partnerships that are expansive and flexible, ranging from limited scope sales relationships to arrangements in which we are a significant customer and (iii) strategic acquisitions that strengthen the value we deliver to our customers.
Maximize wallet share with customers through cross-selling.
We have significant opportunities to expand the suite of services that our long-tenured and loyal customer base purchases from us through focused cross-selling. While we seek to continually improve our product and service offerings, our sales force is focused on expanding the scope and depth of our customer relationships. Our omni-channel sales force covers medium and larger customers with direct field sales teams and uses inside sales for direct coverage of smaller customers. We leverage our communication with and feedback from our customers to identify and execute on opportunities which expand and deepen relationships, while increasing the benefits they receive through our connectivity, software, analytics, and services.
Deliver comprehensive, end-to-end, modular solutions to customers.
Our solutions are comprehensive in that they meet a significant portion of our customers’ clinical and administrative needs and are integrated to improve functionality and usability, yet modular to meet the specific needs of our customers. Our goal is to
deliver offerings flexible enough to work with the legacy technologies still used by many of our customers, while also delivering more sophisticated and advanced solutions to customers as they upgrade their technology platforms.
Use our data assets to deliver tangible value to customers.
We continue to develop data-driven solutions to drive tangible returns for our customers. Through our data assets and associated analytics, we have created personalized, episodic, and population-based solutions for our customers to deliver high quality, low-cost solutions at scale.
We offer clinical, financial, and patient engagement solutions in three business segments—Software and Analytics, Network Solutions, and Technology-Enabled Services—that facilitate significant collaboration and interoperability to create a stronger, better coordinated, increasingly collaborative, and more efficient healthcare system. A summary of our various products and solutions is included below.
Software and Analytics
Our software solutions seek to enable our customers to achieve financial performance, operational excellence, and payment and network optimization, ultimately helping them navigate the industry’s transition to value-based care. In the Software and Analytics segment, we provide solutions for revenue cycle management, provider network management, payment accuracy, value-based payments, clinical decision support, consumer engagement, risk adjustment and quality performance, and imaging and clinical workflow.
We leverage our networks to enable and optimize connectivity and transactions among healthcare system participants. Through our Network Solutions segment, we provide solutions for financial, administrative, and clinical and pharmacy transactions, electronic payments and aggregation and analytics of clinical and financial data.
We provide expertise, resources, and scalability to allow our customers to streamline operations, optimize clinical and financial performance, and focus on patient care. Through our Technology-Enabled Services segment, we provide solutions for financial and administrative management, value-based care, communication and payment, pharmacy benefits administration and healthcare consulting.
Software and Analytics
Solutions across revenue cycle, payment accuracy, clinical decision, value-based payment, engagement, and workflow
Utilizes our network to enable financial, administrative, and clinical transactions; and electronic payments, and provides clinical and financial data analytics
Services to support financial and administrative management, value-based care, communication, and payment
Key Solution Areas
•Network & Financial Management
oValue-Based Payment Analytics
oPayment Accuracy Analytics & Services
oProvider Network Management Analytics
•Risk Adjustment & Quality Performance
oClinical Review Services
oMember Enrollment & Outreach
oTransparency & Provider Search
•Clinical Decision Support
•Revenue Cycle Management
•Imaging and Clinical Workflow Solutions
•Connected Consumer Health
oClinical Exchange Network
oCommonWell Health Alliance
oPayer Payment Solutions
oProvider Payment Solutions
oConsumer Payment Solutions
oRevenue Cycle Management
•Revenue Cycle Management
oPatient Access Center Services
oFinancial Clearance Services
oRevenue Integrity Services
oHospital Reimbursement Management Services
oPhysician Group Management Services
oPhysician Revenue Cycle Management Services
•Accountable Care Services
oNetwork Development and Physician Recruiting
oRisk Management and Population Health Services
oBusiness Process as a Service
•Communication & Payment Services
•Pharmacy Benefits Administration
•Commercial & Government Payers
•Hospitals / Health Systems
•Physicians and Other Providers
•Health IT Vendors
•Commercial & Government Payers
•Hospitals / Health Systems
•Physicians and Other Providers
•Health IT Vendors
•Commercial & Government Payers
•Hospitals / Health Systems
•Physicians and Other Providers
Software and Analytics
Network & Financial Management: We help commercial and government payers improve claims operations performance, payment model innovation, and provider network management through a comprehensive solution supporting payers across the entire payment continuum in the transition to value-based care and alternative payment models.
oValue-Based Payment Analytics: We combine a cloud-based analytics platform with clinically validated, transparent Episodes of Care to coordinate Primary Care Providers and Specialists in the effective transition to alternative payment models.
oPayment Accuracy Analytics & Services: Our comprehensive suite of solutions is designed to help payers combat risk of fraud, waste, and abuse at every stage of the claim, from pre-submission to post-payment.
Risk Adjustment & Quality Performance: We help payers and risk-bearing providers improve financial performance by supporting reimbursement for government-sponsored health plans – including risk adjustment and quality measures, such as the National Committee for Quality Assurance’s (“NCQA”) Healthcare Effectiveness Data and Information Set (“HEDIS”) – for the Medicare, Medicaid, and Commercial Affordable Care Act markets.
oDecision Analytics: We provide a comprehensive set of analytics-driven solutions for risk adjustment and quality performance that aligns with how government-sponsored plans are reimbursed.
oClinical Review Services: We provide solutions for medical records retrieval, coding, and abstraction for payers who want to increase incremental revenue and quality ratings for NCQA’s HEDIS and the Star Rating Program (a CMS system to help beneficiaries compare performance and quality).
Consumer Engagement: We help commercial and government payers adapt to the evolving needs of a more value-based, consumer-driven environment with consumer-facing tools used to support enrollment and ongoing health management processes. Our consumer engagement solutions help payers respond to many of the industry’s most pressing consumer engagement challenges, from addressing social determinants of health to engaging high-need populations, such as dual eligible individuals.
oMember Enrollment & Outreach: We provide member-centric solutions for payers—focusing on Medicare and Medicaid programs—to improve revenue, increase member satisfaction, and improve engagement in maintaining or improving their health. We have helped managed care payers add incremental revenue through dual enrollment. Additionally, our enrollment AI services pinpoint those individuals with the highest likelihood to qualify for full or partial Medicare and Medicaid dual eligibility.
Clinical Decision Support: Our clinical criteria, InterQual®, assists payers, providers and government organizations in making clinically appropriate medical utilization decisions to help determine the right care, at the right time, and at the right cost.
Revenue Cycle Management: We provide end-to-end revenue cycle management workflow and analytics to streamline reimbursement and time-to-revenue for hospitals, physician offices, laboratories, and other ancillary care providers by providing timely insights that reduce denials.
Imaging and Clinical Workflow Solutions: We help providers improve clinical, operational, and financial performance through enterprise imaging and care delivery solutions for acute and post-acute care settings. We have built and are building, from the ground up, cloud-native solutions to showcase the flexible nature of cloud services and delivery. The cloud-native network will enhance and optimize medical imaging data, enabling providers to improve clinical, financial, and operational outcomes.
Our networks provide connectivity that benefits all major healthcare stakeholders, including commercial and governmental payers, employers, hospitals, physicians, laboratories, pharmacies, and consumers.
oMedical Network: Our network provides support for healthcare financial and administrative transactions, including eligibility, claims, durable medical equipment, electronic remittance advice, claim status, pre-authorization, and medical attachments. Our Medical Network is integrated with our payments network, which allows payers and providers to reconcile consumer out-of-pocket cash and credit card payments with payer electronic funds transfer and check payments to settle bills and claims.
oDental Network: We provide eligibility, claims, electronic remittance advice, and payment solutions to dental practices primarily through software channel partners. Our solutions further simplify claims through our attachment technology, which tightly integrates claims processing workflows to ensure only essential attachments required by a payer are connected to a claim and delivered according to payer preferences.
oClinical Exchange Network: Our Clinical Exchange Network provides an efficient mechanism for EHRs, laboratories, and pharmacies to connect with each other and maintain regulatory certifications without the cost of expensive and redundant direct connections.
oMedRx Network: Our medical pharmacy network provides pharmacies with connectivity to commercial and government payers, supporting billing medical claims, such as durable medical equipment and immunizations, directly from the pharmacy management system.
oCommonWell Health Alliance: As the national service provider for CommonWell Health Alliance, we support an industry-wide interoperability effort to make available silos of data that reside within care settings and disparate health IT systems. Our services for CommonWell members include: (i) registration and unique identification of each individual enrolled; (ii) record locator services; (iii) linking of each individual’s clinical records across the care continuum; and (iv) data query and retrieval to enable caregivers to search, select and receive data.
Electronic Payments: Our electronic payment solutions support both business-to-business (“B2B”) and consumer-to-business (“C2B”) payments. We believe we are well positioned to further drive the healthcare industry’s adoption of convenient and cost-saving payment processes through our comprehensive network of payers and providers.
oPayer Solutions: We offer payers the ability to optimize distribution of payments and remittances in the most efficient manner via electronic funds transfer, direct payment, cards or check. We also assist our customers in automating these processes.
oProvider Solutions: We offer providers the ability to digitize payments and remittances, increasing automation and efficiency in payment posting processes and reducing the amount of paper documents.
oConsumer Payment Solutions: We help providers efficiently bill consumers and offer consumer-friendly options to help reduce bad debt while enhancing the consumer billing and payment experience.
Data Solutions: We help address increasing demands for data to support analytical needs related to performance improvement, consumer engagement, and value-based care.
oData Platform: We enable our customers to acquire and aggregate clinical, financial, and operational data from across the care continuum, analyze the data and make it available through applications or via direct feeds to a customer’s existing enterprise data warehouse and other analytics systems.
oData Commercialization: We provide de-identified data feeds informed by regulatory compliant formats and create applications and tools directly for customers or via third-party channel partners.
oData Science as a Service: We provide secure access to de-identified, patient-level claims data – including diagnoses and care prescriptions – along with social determinants of health, behavioral health, and other novel data for customers who want privacy-compliant healthcare analytics at scale.
Pharmacy Solutions: We offer a comprehensive suite of end-to-end pharmacy solutions that help streamline operations and improve financial results for both independent and chain pharmacies.
oPharmacy Management: Our scalable pharmacy management system helps our customers quickly adapt to changing market and business requirements with configurable workflows and dispensing rules that streamline in-store processes and improve staff efficiency.
oPharmacy Network: Our network helps pharmacies submit claims to any third-party processor; perform custom claims; edit claims that suit unique pharmacy requirements; streamline eligibility checks with access to coverage information for more than 270 million individuals; and reduce the financial burden of co-pays and medication adherence while driving revenue.
oRevenue Cycle Management: Our modular pharmacy revenue cycle management suite offers tools for third-party submission and reconciliation, outsourced “chasing claims”, contract management, appeal submission, and tracking services.
oPharmacy Analytics: We help pharmacies drive real-time, point-of-sale actions that enhance revenue with robust analytics that reveal insights into all areas of their business––from chain to individual store––with visualizations, dashboards, and reports for monitoring business operations, improving margins, minimizing costs/risks, and supporting health and wellness initiatives.
Revenue Cycle Management: We have a demonstrated ability to help improve collections, optimize operational efficiency, and enhance patient experience.
oPatient Access Services: We enable health systems and physician practices to provide a broad range of patient access services to their patients. We leverage call center technology with the flexibility to utilize EHR and practice management capabilities, providing a single source of accountability with reporting and continuous quality monitoring.
oRevenue Integrity Services and Consulting: Our Revenue Integrity services help providers mitigate risk, and include charge audit services, coding augmentation, coding quality audit, clinical documentation improvement staffing, and compliance review.
oHospital Reimbursement Management Services and Physician Revenue Cycle Management Services: We deliver billing and accounts receivable management to address government, commercial, and self-pay payments for hospitals, health systems, independent and hospital-employed physician practices, fire and emergency medical service agencies, and other healthcare organizations, such as independent and hospital-employed laboratories.
Accountable Care Services: We provide a broad scope Business Process as a Service (BPaaS) solution to payers, accountable care organizations, at-risk providers, and government agencies to successfully transition from fee-for-service reimbursement to payment models that reward high-quality and cost-effective care. We provide an enterprise class benefits administration
and claims processing platform, fully delegated, licensed third-party administration and Utilization Review Accreditation Commission (“URAC”) accredited clinical support services.
oNetwork Development and Physician Recruiting: We help commercial payers and managed care organizations successfully develop, manage, and scale clinically integrated networks and IPA networks.
oRisk Management and Population Health Services: We enable providers to drive growth and improve margin performance under all value-based payment models, ranging from capitation to shared savings programs.
oThird-Party Administration: We provide fully delegated, licensed third-party administration services that enable risk-bearing providers and payers to reduce the burden of foundational health plan administration, allowing for greater focus on strategic activities such as new product development and member engagement.
oBusiness Process as a Service (“BPaaS”): At the core of our BPaaS solution is our CMS compliant, real-time benefits administration and claims processing platform for all lines of business built entirely on contemporary technology. Our platform offers unlimited flexibility in defining benefit plans, provider contracts, and core business processes using “healthcare business rules” language that can be read and written by non-technical people.
Communications and Payment Services: We provide communication and payment solutions for payers, providers, channel partners and other stakeholders in the healthcare system.
oCommunications and Payments: We help payers produce and distribute explanation of benefits, explanation of payments, checks, claims and correspondence.
oPatient Billing and Statements: For providers and channel partners, we manage patient statements and related correspondence, integrated with our digital payment solution.
Pharmacy Benefits Administration (“PBA”): Our PBA solutions provide healthcare management and other administrative services for pharmacy payers and state Medicaid programs, as well as claims processing and other administrative solutions, in real-time, according to customer benefit plan designs, and present a cost-effective alternative to an in-house pharmacy claims adjudication system.
Consulting: Our healthcare consulting solutions help healthcare customers analyze, develop and implement business and technology strategies that are designed to align with healthcare trends and overall business goals.
We generally provide solutions to payer and provider customers on a per transaction, per document, per communication, per member per month, per provider per month, monthly flat-fee, contingent fee, or hourly fee, and software license, with recurring maintenance fee, basis. Our customer contracts are generally one to three years in term and automatically renew for successive annual terms unless terminated.
Payers: The payer market primarily consists of national commercial insurers, regional private insurers, BlueCross Blue Shield plans, Medicare/Medicaid plans, provider-sponsored payers, third party administrators, emerging technology and data-driven health plans and other specialty health benefits insurers. We are directly connected to their workflows and administrative and clinical systems and provide products and services to nearly all payers.
Providers: The provider market is comprised of hospitals and health systems, physician practices, dentists, pharmacies, skilled nursing facilities, home health agencies, telehealth providers, senior care facilities, laboratories, and other healthcare providers. We currently have contractual or submitter relationships with these providers, directly or through our channel partners.
We compete on the basis of the breadth and functionality of the solutions we offer on both an integrated and modular basis, the return on investment realized by our customers from our solutions, our value proposition and our pricing models. Our solutions compete with:
Healthcare transaction processing companies, including those providing electronic data interchange (“EDI”) services and/or internet-based services and those providing services through other means, such as paper and fax;
Healthcare information system vendors that support providers or payers with their revenue and payment cycle management, imaging usage, retrieval and management, capacity and resource management, and clinical information exchange processes, including physician and dental practice management, hospital information, imaging and workflow solutions and EHR vendors;
IT and healthcare consulting service providers;
Healthcare insurance companies, pharmacy benefit management and pharmacy benefit administrator companies, hospital management companies and pharmacies that provide or are developing electronic transaction and payment distribution
services for use by providers and/or by their members and customers;
Healthcare payments and communication solutions providers, including financial institutions and payment processors that have invested in healthcare data management assets, and print and mail vendors;
Healthcare eligibility and enrollment services companies;
Healthcare payment accuracy companies;
Healthcare engagement and transparency companies;
Healthcare billing and coding services companies;
Providers of other data products and data analytics solutions, including healthcare risk adjustment, quality, economic statistics and other data; and other data and analytics solutions; and
Licensors of de-identified healthcare information.
In some cases, we also compete with certain of our customers who provide some of the same solutions that we offer, as well as with alliances formed by our competitors. In addition, certain major software, hardware, information systems and business process outsourcing companies, both with and without healthcare companies as their partners, offer or have announced their intention to offer competitive products or services.
Substantially all of our business is directly or indirectly related to the healthcare industry and is affected by changes in the healthcare industry, including regulatory changes and fluctuations in healthcare spending. In the U.S. and other countries, the healthcare industry is highly regulated and subject to frequently changing political, legislative, regulatory and other influences. Although some regulatory requirements do not directly apply to our operations, these requirements affect the business of our payer and provider customers and the demand for our solutions. We also may be impacted by non-healthcare laws, requirements and industry standards. For example, banking and financial services industry regulations and privacy and data security regulations may impact our operations as a result of the electronic payment and remittance services we offer directly or through third-party vendors.
We are subject to a number of U.S. federal, state, local and foreign laws and regulations that involve matters central to our business. Failure to satisfy those legal and regulatory requirements, or the adoption of new laws or regulations, could have a significant negative impact on our results of operations, financial condition or liquidity. U.S. federal, state, local and foreign laws and regulations are evolving and can be subject to significant change. In addition, the application and interpretation of these laws and regulations are often uncertain. These laws are enforced by federal, state and local regulatory agencies in the jurisdictions where we operate, and in some instances also through private civil litigation. For a discussion of the risks and uncertainties affecting our business related to compliance with federal, state and other laws and regulations and other requirements, see “Risk Factors—Risks Related to Government Regulation and other Legal Risks—Recent and future developments in the healthcare industry could have a material adverse impact on our business, results of operations or financial condition,” “Risk Factors—Risks Related Government Regulation and other Legal Risks —Government regulation, industry standards and other requirements create risks and challenges with respect to our compliance efforts and our business strategies,” and “Risk Factors—Risks Related to Government Regulation and other Legal Risks —We are unable to predict what changes to laws, regulations and other requirements, including related contractual obligations, might be made in the future or how those changes could affect our business or the costs of compliance.”
Examples of the most significant of these laws include, but are not limited to, the following:
HIPAA Privacy and Security Requirements
There are numerous federal and state laws and regulations related to the privacy and security of health information. In particular, regulations promulgated pursuant to the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act of 2009 (“HITECH Act”) and more recent laws such as the 21st Century Cures Act (the “Cures Act”) (Public Law 114-255), and Public Law 116-321 (the laws and regulations collectively, “HIPAA”) establish privacy and security standards that limit the use and disclosure of certain individually identifiable health information (known as “protected health information”). HIPAA requires the implementation of administrative, physical and technological safeguards to protect the privacy of protected health information and ensure the confidentiality, integrity and availability of electronic protected health information. The privacy regulations established under HIPAA also provide patients with rights related to understanding and controlling how their protected health information is used and disclosed. As a provider of services to entities subject to HIPAA, we are directly subject to certain provisions of the regulations as a “Business Associate.” We are also directly subject to the HIPAA privacy and security regulations as a “Covered Entity” with respect to our operations as a healthcare clearinghouse.
HIPAA requires us to enter into written agreements with certain contractors, known as business associates or subcontractors, to whom we may disclose protected health information. Covered Entities and Business Associates may be subject to penalties for, among other activities, failing to enter into a Business Associate Agreement where required by law or as a result of a business associate violating HIPAA. When acting as a Business Associate under HIPAA, to the extent permitted by applicable privacy regulations and contracts and associated Business Associate Agreements with our customers, we are permitted to use and disclose
protected health information to perform our services and for other limited purposes, but other uses and disclosures, such as marketing communications, require written authorization from the patient or must meet an exception specified under the privacy regulations. To the extent we are permitted to de-identify protected health information and use de-identified information for our purposes, determining whether such protected health information has been sufficiently de-identified to comply with the HIPAA privacy standards and our contractual obligations can require complex factual and statistical analyses and is subject to interpretation and judgment. To the extent we are permitted to provide data aggregation services relating to the healthcare operations of a Covered Entity, such services must meet HIPAA’s requirements and contractual obligations.
Other Privacy and Security Requirements
In addition to HIPAA, there are numerous other U.S. federal and state laws as well as international laws that govern the collection, processing, storage, dissemination, use, access to, transfer, destruction and confidentiality of personal information. Certain federal and state laws protect types of personal information that may be viewed as particularly sensitive. For example, the Confidentiality of Substance Use Disorder Patient Records (42 C.F.R. Part 2) is a federal law that protects information that would reveal if an individual has or had a substance use disorder. Similarly, New York’s Public Health Law, Article 27-F protects information that could reveal confidential HIV-related information about an individual. Some states have enacted or are considering new laws and regulations that would further protect this information, such as the California Consumer Privacy Act of 2018, the California Privacy Rights Act of 2020, the Virginia Consumer Data Protection Act of 2021, the Colorado Privacy Act of 2021 and the Utah Consumer Privacy Act of 2022, which have built upon and are more stringent in many respects than previous state laws in effect in the U.S. In many cases, state laws are more restrictive than, and not preempted by, HIPAA, and may allow personal rights of action with respect to privacy or security breaches, as well as fines. State laws are contributing to increased enforcement activity and may also be subject to interpretation by various courts and other governmental authorities. Further, Congress and a number of states have considered prohibitions or limitations on the disclosure of personal and other information to individuals or entities located outside of the U.S. The U.S. Congress is also currently considering a generally applicable national privacy law that may supplant such states’ comprehensive consumer privacy laws.
There also are numerous international privacy and security laws that govern the collection, dissemination, use, access, retention, protection, transfer and confidentiality of personal information. For example, the EU General Data Protection Regulation (“GDPR”), which became effective on May 25, 2018 (and the United Kingdom equivalent, the “UK GDPR”, implemented after the United Kingdom’s exit from the EU), is more stringent than laws and regulations governing personal information in the U.S. Certain of our solutions involve the transmission and storage of customer data in various jurisdictions, which subjects the operation of that service to privacy or data protection laws and regulations in those jurisdictions as well as the regulations regarding international transfers of personal information under such laws.
Data Protection and Breaches
Every state requires holders of personal information to maintain safeguards and take certain actions in response to a data breach, such as providing prompt notification of the breach to affected individuals or the state’s attorney general. In some states, these laws are limited to electronic data, but states increasingly are enacting or considering stricter and broader requirements. Additionally, HIPAA imposes certain notification requirements on both Covered Entities and Business Associates. In certain circumstances involving large breaches, requirements may even involve notification to the media. A non-permitted use or disclosure of protected health information is presumed to be a breach under HIPAA unless the Covered Entity or Business Associate establishes that there is a low probability the information has been compromised consistent with requirements enumerated in HIPAA.
Further, the Federal Trade Commission (“FTC”) has prosecuted certain data breach cases as unfair and deceptive acts or practices under the Federal Trade Commission Act. In addition, by regulation, the FTC requires creditors, which may include some of our customers, to implement identity theft prevention programs to detect, prevent and mitigate identity theft in connection with customer accounts. Although Congress passed legislation that restricts the definition of “creditor” and exempts many healthcare providers from complying with this identity theft prevention rule, we may be required to apply additional resources to our existing processes to assist our affected customers in complying with this rule.
HIPAA Transaction and Identifier Standards
HIPAA and our implementing regulations mandate format and data content standards and provider identifier standards (known as the National Provider Identifier) that must be used in certain electronic transactions, such as claims, payment advice and eligibility inquiries. HHS has established standards that health plans must use for electronic fund transfers with providers, has established operating rules for certain transactions, and is in the process of establishing operating rules to promote uniformity in the implementation of the remaining types of covered transactions. The Patient Protection and Affordable Care Act, as amended by the Health Care and Education Reconciliation Act of 2010 (collectively, the “ACA”) also requires HHS to establish standards for health claims attachment transactions. HHS has modified the standards for electronic healthcare transactions (e.g., eligibility, claims submission and payment and electronic remittance) from Version 4010/4010A to Version 5010, except for certain retail pharmacy transactions, which use National Council for Prescription Drug Programs standards for pharmacy and supplier transactions and
Medicaid subrogation. Further, as of 2015, HHS requires the use of updated standard code sets for diagnoses and procedures. Enforcement of compliance with these standards falls under HHS and is carried out by CMS.
Anti-Kickback Laws and Anti-Referral Laws
A number of federal and state laws govern patient referrals, financial relationships with physicians and other referral sources and inducements to providers and patients, including restrictions contained in amendments to the Social Security Act, commonly known as the federal Anti-Kickback Statute (“AKS”). The AKS prohibits any person or entity from offering, paying, soliciting or receiving, directly or indirectly, anything of value with the intent of generating referrals of items or services covered by Medicare, Medicaid or other federal healthcare programs. Courts have interpreted the law to provide that a financial arrangement may violate this law if any one of the purposes of an arrangement is to encourage patient referrals or other federal healthcare program business, regardless of whether there are other legitimate purposes for the arrangement. Violation of the AKS is a felony, and penalties for AKS violations can be severe, and include imprisonment, criminal fines, civil penalties with treble damages (when the federal False Claims Act (“FCA”) is implicated) and exclusion from participation in federal healthcare programs. The ACA broadened the reach of the AKS by amending the intent requirement, such that a person or entity no longer needs to have actual knowledge of the AKS or specific intent to violate it in order to have committed a violation. In addition, as further discussed below, the ACA provided that the government may assert that a claim which includes items or services resulting from a violation of the AKS constitutes a false or fraudulent claim for purposes of the FCA, as well as restrictions contained in amendments to the Social Security Act, commonly known as the federal Civil Monetary Penalties Law (“CMP”). The AKS contains a limited number of exceptions, and the Office of the Inspector General (“OIG”) of HHS has created regulatory safe harbors to the AKS. Activities that comply with a safe harbor are deemed protected from prosecution under the AKS. Failure to meet a safe harbor does not automatically render an arrangement illegal under the AKS. The arrangement, however, does risk increased scrutiny by government enforcement authorities, based on the particular facts and circumstances. Our contracts and other arrangements may not meet an exception or a safe harbor. Additionally, many states have similar anti-kickback laws that are not necessarily limited to items or services for which payment is made by a federal or state healthcare program. In addition, federal laws restricting certain physician self-referrals (also known as the “Stark Law”), as well as state counterparts, may prohibit payment for patient referrals, patient brokering, remuneration of patients, or billing based on referrals between individuals or entities that have various financial, ownership, or other business relationships with physicians or other healthcare providers. The Stark Law is very complex, and state anti-referral laws vary widely. As noted below, to the extent we undertake billing and coding for designated health services, such activities may be subject to the Stark Law.
False or Fraudulent Claim Laws; Medical Billing and Coding
Medical billing, coding and collection activities are governed by numerous federal and state civil and criminal laws, regulations, and sub-regulatory guidance. We provide billing and coding services, claims processing and other solutions to providers that relate to, or directly involve, the reimbursement of health services covered by Medicare, Medicaid, other federal and state healthcare programs and private payers. In addition, as part of our data transmission and claims submission services, we may employ certain edits, using logic, mapping and defaults, when submitting claims to third-party payers. Such edits are utilized when the information received from providers is insufficient to complete individual data elements requested by payers. We also provide solutions including risk analytics, chart reviews, payment accuracy, audit functions and enrollment and eligibility, to Medicaid and Medicare managed care plans, commercial plans and other entities. These solutions, which include identifying diagnosis codes with respect to hierarchical condition categories, impact the amounts paid by Medicare and Medicaid to managed care plans. In addition, some solutions we offer to customers enable customers to certify to compliance with certain requirements and standards, such as Promoting Interoperability Program requirements. We rely on our customers to provide us with accurate and complete information and to appropriately use analytics, codes, reports and other information in connection with the solutions we provide to them, but they may not always do so. As a result of these aspects of our business, we may be subject to, or contractually required to comply with, numerous federal and state laws that prohibit false or fraudulent claims including but not limited to the FCA, the CMP, and state equivalents.
In addition, the FCA prohibits the knowing submission of false claims or statements to the federal government, including to the Medicare and Medicaid programs. The FCA also contains qui tam, or whistleblower provisions, which allow private individuals to sue on behalf of the federal government alleging that the defendant has defrauded the federal government.
Exclusion from Participation in Government Healthcare Programs
We are also subject to the exclusion rules of the OIG whereby individuals and entities convicted of program-related crimes are excluded from participation in the Medicare and Medicaid programs. A company that employs or contracts with an OIG-excluded individual and submits a claim for reimbursement to a federal healthcare program, or causes such a claim to be submitted, may itself be excluded or may be subject to significant penalties under the CMP, plus treble damages, for each item or service furnished during the period in which the individual or entity was excluded. A company contracting with providers has an affirmative duty to check the exclusion status of individuals and entities prior to entering into employment or contractual relationships and periodically re-check thereafter, or run the risk of liability under the CMP.
FDA and International Regulation of Medical Software
Certain of our products are classified as medical devices and are subject to regulation by the Food and Drug Administration (“FDA”) and numerous other federal, state and foreign governmental authorities. In the U.S., the FDA permits commercial distribution of a new medical device after the device has received clearance under Section 510(k) of the Federal Food, Drug and Cosmetic Act (“FDCA”), or is the subject of an approved premarket approval application, unless the device is specifically exempt from those requirements. Moreover, the FDA has increasingly focused on the regulation of medical software and health information technology products as medical devices under the FDCA. For example, in February 2015, the FDA issued guidance to inform manufacturers and distributors of medical device data systems that it did not intend to enforce compliance with regulatory controls that apply to medical device data systems, medical image storage devices, and medical image communication devices. The Cures Act, enacted in December 2016, builds on the FDA’s efforts to limit the regulation of low-risk medical devices by exempting certain categories of software functions from the definition of “medical device” under the FDCA, including software functions intended for administrative support of a healthcare facility and certain functions related to the exchange and use of electronic medical records. However, a software function may not be excluded from the device definition if the FDA determines that use of the software function would be reasonably likely to have serious adverse health consequences. As a result of the Cures Act, the FDA updated or issued new guidance documents that reflect changes to the agency’s pre-Cures Act medical software policies. For example, the FDA revised the medical device data systems guidance to clarify that software functions that are solely intended to transfer, store, convert formats, and display medical device data and results are not devices and are not subject to FDA regulatory requirements.
Foreign governmental authorities that regulate the manufacture and sale of medical devices have become increasingly stringent and, where we sell our medical device solutions internationally, we are subject to international regulation regarding these medical device solutions. For example, in May 2017, the European Union (“EU”) Medical Devices Regulation (“MDR”) (Regulation 2017/745) was adopted and, after an amendment in April 2020, the MDR came into effect in May 2021. The MDR repeals and replaces the EU Medical Devices Directive. Unlike directives, which must be implemented into the national laws of the EU Member States, the MDR is directly applicable in the EU Member States and on the basis of the European Economic Area (“EEA”) agreement in Iceland, Lichtenstein and Norway. The MDR, among other things, is intended to establish a uniform, transparent, predictable and sustainable regulatory framework across the EEA for medical devices and ensure a high level of safety and health while supporting innovation. The MDR, among other things:
•Strengthens the clinical data requirements related to medical devices;
•Imposes additional scrutiny during the conformity assessment procedure for high risk medical devices;
•Imposes on manufacturers and authorized representatives the obligation to have a person responsible for regulatory compliance continuously at their disposal;
•Requires that authorized representatives be held legally responsible and liable for defective products placed on the EEA market jointly with the device manufacturers;
•Reinforces post market surveillance requirements applicable to CE marked medical devices;
•Improves the traceability of medical devices throughout the supply chain to the end-user or patient through a Unique Device Identification System; and
•Increases transparency. Information from several databases concerning economic operators, CE Certificates of Conformity, conformity assessment, clinical investigations, the Unique Device Identification system, adverse event reporting and market surveillance will be available to the public.
There is increasing demand among customers, industry groups and government authorities that healthcare IT products provided by various vendors be compatible with each other and allow for the efficient exchange of electronic information. Certain federal and state agencies have developed standards regarding electronic exchange of information and interoperability, which are subject to regular revision and updates, and we need to modify and enhance products and services accordingly. For example, under the Cures Act, the ONC within HHS developed and, in January 2022, published the Trusted Exchange Framework: Principles for Trusted Exchange, which describes a set of non-binding principles to facilitate the exchange of health information between networks. ONC also published the Common Agreement for Nationwide Health Information Interoperability in January 2022, which is a contract that establishes a technical infrastructure model and governing approach for users in different health information networks to securely share clinical information. Although the Cures Act does not make implementation of the Trusted Exchange Framework mandatory, the Cures Act encourages its adoption through the establishment of a publicly available directory of networks that are capable of trusted exchange and by permitting federal agencies to require implementation of the Trusted Exchange Framework by network contractors as the contractors update their health IT or operational practices.
The Cures Act also encouraged interoperability through changes to EHR certification standards implemented as part of HHS’s programs to promote interoperability. In March 2020, the ONC and CMS released final regulations concerning interoperability and information blocking. The final ONC rules address, among other things, the kinds of industry behaviors that do and do not constitute information blocking under the Cures Act and include new criteria involving exporting electronic health information and
standardized APIs for patient services. Health IT developers, exchanges, or networks that do engage in such information blocking by knowingly adopting practices that are likely to interfere with, prevent, or materially discourage the access, exchange, or use of electronic health information, may be subject to civil monetary penalties of up to $1 million per violation. The final CMS rule, among other things, effectively mandates interoperability as a condition for participating in Medicare. These new rules are not currently applicable to us, but they may be modified to become applicable to us later. Also, customers may insist that we develop solutions that would subject us to the information blocking rules, and we would incur costs in developing those solutions and becoming compliant with the information blocking rules. We may also be required to have certain solutions certified by the ONC, which could further increase development costs and delay customer sales and implementations.
Restrictions on Communications
Communications with our customers and our customers’ patients are subject to laws and regulations governing communications, including the Telephone Consumer Protection Act of 1991 (the “TCPA”), the CAN-SPAM Act, and additional fax regulations under the Junk Fax Act and data privacy rules under the California Consumer Privacy Act of 2018, as well as potentially under non-U.S. laws that regulate communications and messaging and that affect our operations, such as Canada’s Anti-Spam Law (“CASL”), GDPR, and the EU’s e-Privacy Directive and implementing member state laws. We also use email and social medial platforms as marketing tools. For example, we maintain social media accounts and may occasionally email customers offers and promotions. As laws and regulations, including FTC enforcement, rapidly evolve to govern the use of these platforms and devices, we will become subject to such laws and regulations.
Financial Services Related Laws, Regulations and Industry Standards
Financial services and electronic payment processing services are subject to numerous laws, regulations and industry standards. These laws may subject us, our vendors and our customers to liability as a result of our communication and payment solutions. Although we do not act as a bank, we offer solutions that involve banks, or vendors who contract with banks and other regulated providers of financial services. We rely on relationships with such banks, vendors and providers. If we fail to maintain these relationships or if we maintain them under new terms that are less favorable to us, our business, results of operations or financial condition could suffer. The various payment modalities that we offer our customers directly and through banks, vendors, or other regulated providers may be deemed regulated activity at the federal or state level, and, as a result, we may be affected by banking and financial services industry laws, regulations and standards, such as licensing requirements, solvency standards, reporting and disclosure obligations and requirements to maintain the privacy and security of nonpublic personal financial information. In addition, our communication and payment solutions may be affected by payment card industry operating rules and security standards, certification requirements, state prompt payment laws and other rules governing electronic funds transfers. Moreover, in addition to regulatory requirements related to electronic funds transfers, payment transactions processed using the Automated Clearing House Network are subject to network operating rules promulgated by the National Automated Clearing House Association, and these rules may affect our payment practices. Certain payment transactions may be subject to card association and network rules and standards. Finally, as we expand our financial services offerings we may be subject to additional laws and regulations, including certain consumer protection laws such as the Fair Debt Collections Practices Act, the Fair Credit Reporting Act and various other state laws implicated by such financial services.
Foreign Corrupt Practices Act and Bribery Laws
The U.S. Foreign Corrupt Practices Act (“FCPA”) and similar international bribery laws make it unlawful for entities to make payments to foreign government officials to assist in obtaining and maintaining business. Specifically, the anti-bribery provisions of the FCPA prohibit any offer, payment, promise to pay, or authorizing the payment of money or anything of value to any person, while knowing that all or a portion of such money or thing of value will be offered, given or promised, directly or indirectly, to a foreign official to do or omit to do an act in violation of his or her duty, or to secure any improper advantage in order to assist in obtaining or retaining business for or with, or directing business, to any person. In addition to the anti-bribery provisions of the FCPA, the statute also contains accounting requirements designed to operate in tandem with the anti-bribery provisions. Covered companies are required to make and keep books and records that accurately and fairly reflect the transactions of the company and devise and maintain an adequate system of internal accounting controls.
Physician Payments Sunshine Act
The Physician Payments Sunshine Act of 2010 (“Sunshine Act”), as amended by the Substance Use-Disorder Prevention that Promotes Opioid Recovery and Treatment for Patients and Communities Act, and implementing regulations requires manufacturers of medical devices covered by Medicare, Medicaid, and the Children’s Health Insurance Program to collect and track all financial relationships with certain healthcare providers and teaching hospitals and to report annually such data to CMS. Medical device manufacturers must report to CMS payments or “transfers of value” made to specified healthcare providers, including meals, travel reimbursement, consulting fees and research payments. The Sunshine Act authorizes significant civil monetary penalties for each payment or transfer of value not accurately or completely reported. In addition, several states and the District of Columbia have passed laws requiring that medical device manufacturers report various details of their financial relationships with specified healthcare
providers. Some states prohibit or otherwise limit transfers of value to specified healthcare providers. Violation of these state statues could subject us to fines for each occurrence.
Payment Card Industry Standards
We accept credit card, eCheck, ACH Payments, and payments via online portal, phone/Interactive Voice Response system or by mail. We also enable payers to collect member premium payments. These transactions are regulated at the federal, state and international levels as well as by certain industry groups, such as the Payment Card Industry Security Standards Council, the National Automated Clearing House Association and individual credit card issuers. Federal, state, international and industry groups also may consider and implement from time to time new privacy and security requirements that apply to our business. Compliance with contractual obligations and evolving privacy and security laws, requirements and regulations may result in cost increases due to necessary systems changes, new limitations or constraints on our business and the development of new administrative processes. If we fail to adequately control fraudulent ACH, credit card and debit card transactions, we may face civil liability, diminished public perception of our security measures and significantly higher ACH, credit card and debit card related costs, each of which could adversely affect our business, financial condition and results of operations. The termination of our ability to process payments through ACH transactions or on any major credit or debit card would adversely affect our ability to operate our business.
Other State Healthcare Laws
Many states in which we provide clinical care in-home assessment services prohibit corporations and other non-licensed entities from practicing medicine, nursing and other licensed professions by employing physicians and certain non-physician practitioners. These prohibitions on the corporate practice of medicine, nursing and other licensed professions impact how we structure our relationships with physicians and other affected non-physician practitioners. In addition, some states have restrictions on physicians and other healthcare practitioners splitting fees with non-practitioners or restrict the ability of practitioners to assign claims for reimbursement from government healthcare programs. Some states have interpreted these laws to prevent business service providers from charging their physician clients on the basis of a percentage of collections or charges. Furthermore, we hold certain state licenses and enrollments in government healthcare programs which subject us to additional requirements and scrutiny by government regulators.
We rely on a combination of trade secrets, copyrights, trademarks, patents, license agreements, confidentiality policies and procedures, nondisclosure agreements and technical measures designed to protect the intellectual property and commercially valuable confidential information and data used in our business. We generally enter into nondisclosure agreements with our employees, consultants, vendors and customers. This also seeks to control access to and distribution of our technology, documentation and other proprietary information.
We use numerous trademarks, trade names and service marks for our solutions and have a number of patents and patent applications covering solutions we provide, including software applications. However, we do not believe our solutions are dependent upon any one patent or patent application, or family or families of the same. We also license from third parties a variety of content, data and other intellectual property. Although we believe that alternative technologies and work-arounds are likely to be available should these agreements terminate or expire, there is no guarantee that third-party technologies will continue to be available on commercially reasonable terms or that work-arounds would be readily available for deployment on a commercially reasonable time-frame.
The steps we have taken to protect our trade secrets, copyrights, trademarks, service marks, patents and other intellectual property may not be adequate, and third parties could infringe, misappropriate or misuse our intellectual property. If this were to occur, it could harm our reputation and adversely affect our competitive position or results of operations.
Human Capital Management
As of March 31, 2022, we had approximately 14,000 employees. Our board of directors oversees and receives regular updates on topics related to human capital management and corporate culture, including retention, employee engagement, workforce health and safety and privacy and information security. We aim to attract, develop and retain our team members using the human capital management and corporate culture practices summarized below.
Learning and Development
We invest in our employees’ success through Change Healthcare University and our Career Development Center. These programs help our employees expand their knowledge and gain foundational understanding to support their growth and development.
Diversity & Inclusion
We aim to create a diverse workforce, develop a culturally competent organization and build an inclusive culture. To support these goals, we prioritize diversity and inclusion training for our employees, including Unconscious Bias Training, and we track our
progress with our annual Diversity and Inclusion report. Additionally, we support Business Resource Groups that represent a wide range of professional, cultural and personal affinities and interests. Each group is supported by a senior leader and provides our team members with an opportunity to connect and network.
Total Rewards, Health and Wellness and Community
We provide competitive salary, annual incentive awards, benefits programs, health and wellness benefits, stress and financial management resources, work/life balance resources, mental health resources and Teladoc Health access. To support our communities, our employees volunteered over 30,000 hours in the U.S. and Canada in fiscal year 2020. We provide paid volunteer days and, in the last year, we introduced an employee matching gifts program.
The nature of our customers’ end-market results in moderate seasonality reflected in revenue differences during the year with a slightly greater positive variance in our fiscal fourth quarter related to the regulatory impact of data submission deadlines due to HEDIS, which may drive timing of analytics activity. Quarter to quarter financial performance may vary from historical seasonal trends as we further expand and diversify our business and increase the portion of our revenue generated from new offerings.
Our website is www.changehealthcare.com. Available on this website, free of charge, are our annual reports on Form 10-K, quarterly reports on Form 10-Q, current reports on Form 8-K and all amendments to those reports as soon as reasonably practical after such material is electronically filed or furnished to the SEC. Alternatively, you may access these reports at the SEC’s website at www.sec.gov.
ITEM 1A. RISK FACTORS
The risks described below could have a material adverse impact on our business, financial condition or operating results. Although it is not possible to predict or identify all such risks and uncertainties, they may include, but are not limited to, the factors discussed below. The risks described herein are not the only risks we may face. Additional risks and uncertainties not currently known to us or that we currently deem to be immaterial may also materially adversely affect our business, financial condition or operating results.
Risks Related to the Proposed Transaction with UnitedHealth Group
The conditions under the UHG Agreement to our consummation of the transaction with a subsidiary of UnitedHealth Group may not be satisfied at all or in the anticipated timeframe.
Under the terms of the UHG Agreement, the consummation of our transaction with a subsidiary of UnitedHealth Group is subject to customary conditions. Satisfaction of certain of the conditions is not within our control, and difficulties in otherwise satisfying the conditions may prevent, delay or otherwise materially adversely affect the consummation of the transaction. It also is possible that an event, occurrence, revelation or development of a state of circumstances or facts since the date of the UHG Agreement may have or reasonably be expected to have a material adverse effect (as defined in the UHG Agreement) on the Company, the non-occurrence of which is a condition to the consummation of the transaction.
On February 24, 2022, the U.S. Department of Justice (“DOJ”) and certain other parties commenced litigation to block the UHG Transaction, and the Company continues to support UnitedHealth Group in working toward closing the merger. On April 4, 2022, the parties to the UHG Agreement entered into a waiver (the “Waiver”) pursuant to which, among other things, the Company and UnitedHealth Group each waived its right to terminate the UHG Agreement due to a failure of the UHG Transaction to have been consummated by the Outside Date (as defined in the UHG Agreement) until the earlier of (i) 5:00 p.m. (New York time) on the tenth business day following a final order (whether or not appealable) issued by the U.S. District Court for the District of Columbia (the “Trial Court”) with respect to the complaint filed by the U.S. Department of Justice and certain other parties regarding the UHG Transaction that permanently prohibits the consummation of the UHG Transaction and (ii) 11:59 p.m. (New York time) on December 31, 2022 (the “Waiver Period”); provided, that if (A) the Trial Court issues a final order that permits the consummation of the UHG Transaction (whether or not subject to conditions), (B) any plaintiff appeals such order and (C) the ability to consummate the UHG Transaction is enjoined or otherwise prohibited by a governmental entity pending such appeal, then the Waiver Period may be extended by either UnitedHealth Group or the Company (in each case, acting in its sole discretion) to 5:00 p.m. (New York time) on March 31, 2023, by providing written notice to the other party prior to 11:59 p.m. (New York time) on December 31, 2022.
We cannot predict with certainty whether and when any of the required conditions will be satisfied. If the DOJ prevails to block the transaction, or if another event occurs delaying or preventing the transaction, such delay or failure to complete the transaction may create uncertainty or otherwise have negative consequences that may materially and adversely affect our sales, financial condition and results of operations, as well as the price per share for our common stock.
While the proposed transaction is pending, we are subject to business uncertainties and contractual restrictions that could disrupt our business.
Whether or not the proposed transaction is consummated, the proposed transaction may disrupt our current plans and operations, which could have an adverse effect on our business and financial results. The pendency of the transaction may also divert management’s attention and our resources from ongoing business and operations and our employees and other key personnel may have uncertainties about the effect of the pending transaction, and the uncertainties may impact our ability to retain, recruit and hire key personnel while the transaction is pending or if it fails to close. We may incur unexpected costs, charges or expenses resulting from the transaction. Furthermore, we cannot predict how our physician, health plan and other partners will view or react to the transaction upon consummation. If we are unable to reassure our partners to continue their partnerships and affiliates with us, our revenues, financial condition and results of operations may be adversely affected.
The preparations for integration between UnitedHealth Group and the Company have placed, and we expect will continue to place, a significant burden on many of our teammates and on our internal resources. If, despite our efforts, key teammates depart because of these uncertainties and burdens, or because they do not wish to remain with the combined company, our business and results of operations may be adversely affected. In addition, whether or not the transaction is consummated, while it is pending we will continue to incur costs, fees, expenses and charges related to the proposed transaction, which may materially and adversely affect our financial condition and results of operations.
In addition, the UHG Agreement generally requires the Company to operate its business in the ordinary course of business consistent with past practice pending consummation of the merger and also restricts us from taking certain actions with respect to our business and financial affairs without UnitedHealth Group's consent. Such restrictions will be in place until either the UHG Transaction is consummated or the UHG Agreement is terminated. For these and other reasons, the pendency of the UHG Transaction could adversely affect our business and results of operations.
In the event that our proposed transaction with a wholly-owned subsidiary of UnitedHealth Group is not consummated, the trading price of our common stock and our future business and results of operations may be negatively affected.
The conditions to the consummation of the proposed transaction may not be satisfied as noted above. If the transaction is not consummated, we would remain liable for significant transaction costs, and the focus of our management would have been diverted from seeking other potential strategic opportunities, in each case without realizing any benefits of the proposed transaction. For these and other reasons, not consummating the transaction could adversely affect our business and results of operations. Furthermore, if we do not consummate the transaction, the price of our common stock may decline significantly from the current market price, which we believe reflects a market assumption that the transaction will be consummated. Certain costs associated with the transaction have already been incurred or may be payable even if the transaction is not consummated. Further, a failed transaction may result in negative publicity and a negative impression of us in the investment community. Finally, any disruptions to our business resulting from the announcement and pendency of the transaction, including any adverse changes in our relationships with our customers, vendors and employees or recruiting and retention efforts, could continue or accelerate in the event of a failed acquisition.
Risks Related to the COVID-19 Pandemic
Significant setbacks in the reopening of the global economy or reinstatement of lockdowns or other restrictions as a result of the ongoing COVID-19 pandemic may adversely impact our business, results of operations or financial condition.
The impact of the COVID-19 pandemic has rapidly evolved around the globe, with many countries, at various times, taking meaningful measures to limit the spread of the virus by instituting quarantines or lockdowns, imposing travel restrictions and vaccination mandates for certain workers or activities and limiting operations of certain non-essential businesses. In 2021, the global economy began reopening and robust economic activity supported a continued recovery. However, the emergence of COVID-19 variants and related surges in COVID-19 cases have contributed to certain setbacks to reopening and could trigger the reinstatement of restrictions, including mandatory business shut-downs, travel restrictions, reduced business operations and social distancing requirements. Many medical and public health experts believe that COVID-19 could perpetually reoccur for years, such as seasonally in winter, and even if generally ceasing to be fatal for most people, such reoccurrence could increase the possibility of periods of increased restrictions on business operations. These and other factors may delay a return to pre-pandemic, ordinary course economic activity, or cause the U.S. economy or other major global economies to experience contraction or slower growth. In addition, the COVID-19 pandemic continues to cause labor shortages and disrupt global supply chains, which has contributed to prolonged disruptions. The COVID-19 pandemic is also contributing to growing inflationary pressures, particularly in the U.S., where inflation continues to show signs of acceleration.
As a result of volatile or uncertain economic conditions, we may experience the negative effects of increased financial pressures on payer and provider customers. For instance, our business has been and is likely to continue to be negatively impacted by increased competitive pricing pressure and a decline in our customers’ creditworthiness, which could result in us incurring increased bad debt expense. Additionally, our business may be negatively impacted by provider customers declaring bankruptcy as a result of
the COVID-19 pandemic. Further, volatile or uncertain economic conditions in the U.S. and other parts of the world could lead government customers to terminate, or elect not to renew, existing contracts with us, or not enter into new contracts with us. All of the above may adversely impact our business, financial condition, results of operations, liquidity and prospects materially and would also exacerbate many of the other risks discussed in this “Risk Factors” section.
Our business has been negatively affected by the COVID-19 pandemic and may face similar impacts from any future outbreaks of disease.
Our operations have been affected by the ongoing global COVID-19 pandemic and the resulting volatility and uncertainty it has caused in the U.S. and international markets.
Although there are effective vaccines for COVID-19 that have been approved for use, we are unable to predict how widely utilized the vaccines will be, whether they will ultimately be effective in preventing the spread of COVID-19 (including its variant strains) and when or if normal economic activity and business operations will resume. Government orders and other restrictions may continue in effect or may be reinstituted if outbreaks increase or fail to decrease. Such measures have had adverse impacts on the U.S. and foreign economies of uncertain severity and duration and have and may continue to negatively impact our ongoing operations, including our revenue and supply chain. For example, the spread of COVID-19 drove a reduction in, or in some cases temporary elimination of, elective medical procedures and healthcare visits. In addition, for a portion of our technology-enabled services business we get paid on a contingency basis based on collections, which were impacted by a delay in elective procedures. While uncertainty remains, we have seen an improvement in healthcare utilization as a result of a trend towards more normal underlying demand and people seeking care that they previously deferred due to the pandemic.
As a result of the COVID-19 outbreak, we and several of our business partners transitioned the majority of our workforce to a temporary remote working model, which may result in us experiencing lower work efficiency and productivity, which in turn may adversely affect our business. As our employees and business partners’ employees work from home and access our system remotely, we may be subject to heightened security and privacy risks, including the risks of cyber-attacks and privacy incidents. Additionally, employees who continue to work or are coming back to work in our facilities or perform services at our customers’ facilities may be subject to heightened risks for COVID-19 exposure thus potentially impacting their health and future worker compensation claims against us. We may also be subject to lawsuits from employees and others exposed to COVID-19 at our facilities, which could involve large demands and substantial defense costs. Our professional and general liability insurance may not cover all claims against us. Furthermore, if any of our employees are unable to perform his or her duties for a period of time, including as the result of illness, our results of operations or financial condition could be adversely affected.
While the COVID-19 outbreak has, and may continue to, provide us with new business opportunities, including supporting customers offering novel telemedicine, telehealth, and data and analytics products and solutions, we may experience compliance and related business development risks associated with these new business opportunities if customers request, and we attempt to offer, these products and solutions on an expedited basis in support of COVID-19 efforts.
While the availability of approved COVID-19 vaccines and their impact on the economy has been encouraging, we cannot reasonably estimate the length or severity of the COVID-19 pandemic or the related response, including the length of time it may take for normal economic and operating conditions to resume or the extent to which the disruption may materially impact our business, consolidated financial position, consolidated results of operations or consolidated cash flows. To the extent the COVID-19 pandemic adversely affects our business, operations, financial position or consolidated cash flows, it may also have the effect of heightening many of the other risks described herein.
Risks Related to Our Business and Industry
If we are unable to retain our existing customers or attract new customers, our business, financial condition or results of operations could suffer.
Our success depends substantially upon the retention of existing customers and the attraction of new customers. We may not be able to retain our existing customers or attract new customers if we are unable to provide solutions or services that existing or prospective payer customers believe enable them to achieve improved efficiencies and cost-effectiveness or allow them to more effectively manage their revenue cycle, increase reimbursement rates and improve cash flows.
Success in retaining and attracting customers will also depend, in part, on our ability to innovate successfully and be responsive to technological developments, pricing pressures and changing business models.
To remain competitive in the evolving healthcare IT markets, we must continuously upgrade our existing solutions and develop and introduce new solutions on a timely basis. Future advances in healthcare IT could lead to new technologies, products or services that are competitive with existing solutions, resulting in pricing pressure or rendering such solutions obsolete or not competitive. In addition, because we deliver enterprise-wide and single entity clinical, patient care, financial, imaging, supply chain and strategic management software solutions to payers, hospitals, physicians and other providers, our ability to integrate these
software solutions could be challenged, which may impair our ability to retain customers and harm our reputation with existing and prospective customers. We also may not be able to retain or attract customers if our solutions contain errors or otherwise fail to perform properly, if our pricing structure is not competitive or if we are unable to renegotiate customer contracts upon expiration.
Our revenue depends in part upon maintaining high customer retention rates and our future growth depends on attracting new customers. If we are unable to maintain customer retention rates, or to attract new customers, our business, results of operations or financial condition could be adversely impacted.
We may lose connections to payers and providers to competitors.
Our business largely depends upon our ability to connect electronically to a substantial number of payers and providers. These connections may be made either directly or through a clearinghouse. We may not be able to maintain our connections with a large number of payers on satisfactory terms and may not be able to develop new connections, either directly or through other clearinghouses, on satisfactory terms. Competing EDI service providers can easily establish connections with payers and providers and thereby may replicate these solutions. Any failure to maintain existing connections with payers, providers and other clearinghouses or to develop new connections as circumstances warrant, or an increase in the utilization of direct links between payers and providers, could reduce the number of transactions that we process, which would reduce our revenue and could have a material adverse impact on our business, results of operations or financial condition.
We face significant competition, which may harm our business, results of operations or financial condition.
We face substantial competition from many healthcare information systems companies and other IT companies, including the growing presence of large technology companies entering the healthcare market. This vigorous competition requires us to provide high quality, innovative products at a competitive price. These competitive threats will likely remain or expand in the future. Our key competitors include:
•healthcare transaction processing companies, including those providing EDI services and/or internet-based services and those providing services through other means, such as paper and fax;
•healthcare information system vendors that support providers or payers with their revenue and payment cycle management, imaging usage, retrieval and management, capacity and resource management, and clinical information exchange processes, including physician and dental practice management, pharmacy management, hospital information, imaging and workflow solutions and EHR vendors;
•IT and healthcare consulting service providers;
•healthcare insurance companies, pharmacy benefit management and pharmacy benefit administrator companies, hospital management companies and pharmacies that provide or are developing electronic transaction and payment distribution services for use by providers and/or by their members and customers;
•healthcare payments and communication solutions providers, including financial institutions and payment processors that have invested in healthcare data management assets, and print and mail vendors;
•healthcare eligibility and enrollment services companies;
•healthcare payment accuracy companies;
•healthcare engagement and transparency companies;
•healthcare billing and coding services companies;
•providers of other data products and data analytics solutions, including healthcare risk adjustment, quality, economic statistics and other data; and
•licensors of de-identified healthcare information.
In addition, the increasing standardization of certain healthcare IT products and services has made it easier for companies to enter these markets with competitive products and services. Many software, hardware, information systems and business process outsourcing companies, both with and without healthcare companies as their partners, offer or have announced their intention to offer products or services that are competitive with solutions that we offer. There have been a number of recent entrants that have successfully marketed competitive solutions and they may expand these offerings in the future. We cannot fully anticipate whether or when companies in adjacent or other product, service or technology areas may launch competitive products, and any such entry may lead to product obsolescence, loss of market share or erosion of prices. The extent of this competition varies by the size of companies, geographical coverage and scope and breadth of products and services offered. Within certain of the markets in which we operate, our competitors are significantly larger and have greater financial or other resources and have established reputations for success. In addition, many of the world’s largest and most well-funded technology companies are aggressively pursuing opportunities to enter the healthcare market, and we expect such initiatives to accelerate in light of the COVID-19 pandemic.
Additionally, the pace of change in the healthcare information systems market is rapid and there are frequent new solution introductions, solution enhancements and evolving industry standards and requirements. We cannot guarantee that we will be able to upgrade our existing solutions or services, or introduce new solutions or services at the same rate as our competitors, or at all, nor can we guarantee that upgrades or new solutions or services will achieve market acceptance over or among competitive offerings, or at all.
Competitors may also commercialize products, services or technologies that render our solutions obsolete or less marketable.
These competitive pressures could have a material adverse impact on our business, results of operations or financial condition.
Competition with some customers, or decisions by customers to perform internally some of the same solutions or services that we offer, could harm our business, results of operations or financial condition.
Some of our existing customers compete with us, or may do so in the future, and some customers belong to alliances that compete with us, or may do so in the future, either with respect to the solutions or services we provide to them now, or with other lines of business. For example, some payer customers currently offer, through affiliated clearinghouses, web portals and other means, electronic data transmission services to providers that allow the provider to bypass third-party EDI service providers such as us. The ability of payers to replicate these solutions and the ability of providers to connect directly with payers may adversely affect the terms and conditions we are able to negotiate in our agreements with payers and our transaction volume with them, which directly relates to our revenue. In addition, to the extent that customers elect to perform internally any of the business processes our solutions address we may lose such customers or the volume of our business with such customers may be reduced, which could harm our business, results of operations or financial condition.
We have faced and will continue to face pressure to reduce prices, which may reduce our margins, profitability and competitive position.
As electronic transaction processing further penetrates the healthcare market and becomes highly standardized, competition among revenue cycle management software and EDI providers is increasingly focused on providing value added services and capabilities to customers. This competition has placed pressure, and could place further pressure, on us to continue to improve our products and keep prices competitive in order to retain market share. Likewise, as a result of Medicare or Medicaid payment reductions and other reimbursement changes, our provider customers have sought, and may attempt to seek, price concessions. If we are unable to reduce costs sufficiently to offset declines in prices, or if we are unable to introduce new, innovative offerings with higher margins, our business, results of operations or financial condition may be materially adversely impacted.
In addition, many healthcare industry constituents are consolidating to create integrated healthcare delivery systems with greater market power. As provider networks, such as hospitals, and payer organizations, such as private insurance companies, consolidate, competition to provide the types of solutions we provide may become more intense and the importance of establishing and maintaining relationships with key healthcare industry constituents could increase. These healthcare industry constituents have used in the past, and likely will try to use in the future, their market power—particularly where it has been increased following mergers and consolidations—to negotiate price reductions for our solutions. If we are forced to further reduce prices and are unable reduce expenses, margins will decrease and results of operations could deteriorate. In addition, the diversity of our customer and revenue base may decline as our customers combine.
Increasing inflationary pressures and consumer costs may have a negative effect on our margins, profitability and results of operations.
The broader U.S. economy has experienced higher than expected inflationary pressures in the beginning of 2022 related to continued supply chain disruptions, labor shortages and geopolitical instability. Increasing inflationary pressures may have a negative effect on our profit margins and earnings due to associated costs increases. Our Technology-Enabled Services businesses in particular may be materially affected to the extent such associated cost increases are not passed on to customers due to resistance to higher prices and/or the timing needed to pass on such increases. Additionally, we face an increasingly competitive labor market due to sustained labor shortages in part from the COVID-19 pandemic and are subject to inflationary pressures on employee wages and salaries which may increase labor costs. Failure to retain highly skilled employees due to wage inflation could have a material adverse impact on our business, results of operations or financial condition. See “Our success depends in part on our ability to identify, recruit and retain skilled management and technical personnel (including while the UHG Transaction is pending). If we fail to recruit and retain suitable candidates or if our relationship with our employees changes or deteriorates, there could be a material adverse impact on our business, results of operations or financial condition.” While we are unable to predict the direction of the economy or if inflation will increase or revert to normal levels, if the current inflationary trends continue for a sustained period of time, our margins, profitability and results of operations could be adversely affected.
Failure to maintain relationships with channel partners or significant changes in the terms of agreements with channel partners may have an adverse effect on our ability to successfully market our solutions.
We have entered into contracts with channel partners to market and sell some of our solutions. Most of these contracts are on a non-exclusive basis. However, under contracts with some channel partners, we may be bound by provisions that restrict our ability to market and sell solutions to potential customers. Our arrangements with some of these channel partners involve negotiated payments to them based on percentages of revenue they generate. If the payments prove to be too high, we may be unable to realize acceptable margins, but if the payments prove to be too low, channel partners may not be motivated to produce a sufficient volume of
revenue. The success of these partnerships will depend in part upon the channel partners’ own competitive, marketing and strategic considerations, including the relative advantages of using alternative solutions being developed and marketed by them or by competitors. If channel partners are unsuccessful in marketing our solutions or seek to amend the terms of their contracts, we may need to broaden our marketing efforts to increase focus on the solutions they sell and alter our distribution strategy, which may divert planned efforts and resources from other projects and may increase our costs. In addition, as part of the packages these channel partners sell, they may offer a choice to their customers between our solutions and similar solutions offered by competitors or by the channel partners directly. If our solutions are not chosen for inclusion in these packages, revenue we earn from our channel partner relationships will decrease. Lastly, we could be subject to claims and liability as a result of the activities, products or services of channel partners or other resellers of our solutions. Even if these claims do not result in liability, investigating and defending claims could be expensive, time-consuming and result in adverse publicity that could have a material adverse impact on our business, results of operations or financial condition.
If our solutions do not interoperate with our customers’ or their vendors’ networks and infrastructures, or if customers or their vendors implement new system updates that are incompatible with our solutions, sales of those solutions could be adversely affected.
Our solutions must interoperate with our customers’ and their vendors’ existing infrastructures, which often have different specifications, utilize multiple protocol standards, deploy products and applications from multiple vendors, and contain multiple generations of products that have been added to that infrastructure over time. Some of the technologies supporting our customers and their vendors are changing rapidly and we must continue to adapt to these changes in a timely and effective manner at an acceptable cost. In addition, our customers and their vendors may implement new technologies into their existing networks and systems infrastructures that may not immediately interoperate with our solutions. Our continued success will depend on our ability to adapt to changing technologies, manage and process ever-increasing amounts of data and information and improve the performance, features and reliability of our services in response to changing customer and industry demands. If we encounter complications related to network configurations or settings, we may have to modify our solutions to enable them to interoperate with customers’ and their vendors’ networks and manage customers’ transactions in the manner intended. For example, if customers or their vendors implement new encryption protocols, it may be necessary for us to obtain a license to implement or interoperate with such protocols, and there can be no assurance that we will be able to obtain such a license on acceptable terms, if at all. These difficulties could delay or prevent the successful design, development, testing, introduction or marketing of our solutions. As a consequence of any of the foregoing, our ability to sell our solutions may be impaired, which could have a material adverse impact on our business, results of operations or financial condition.
Our ability to generate revenue could suffer if we do not continue to update and improve existing solutions and develop new ones.
We must continually improve the functionality of our existing solutions and introduce valuable healthcare IT and service solutions in order to respond to technological and regulatory developments and customer demands. For example, from time to time, government agencies may alter format and data code requirements applicable to electronic transactions. In addition, customers may request that solutions be customized to satisfy particular security protocols, modifications and other contractual terms in excess of industry norms and standard configurations. We may not be successful in responding to technological and regulatory developments or changing customer needs. In addition, these regulatory or customer-imposed requirements may impact the profitability of solutions and customer engagements. The pace of change in the markets is rapid, and there are frequent new product and service introductions by competitors and channel partners who use our solutions in their offerings. If we do not respond successfully to technological and regulatory changes, as well as evolving industry standards and customer demands, our solutions may become obsolete. Technological changes also may result in the offering of competitive solutions at lower prices than we are charging for our solutions, which could result in us losing sales unless we lower the prices we charge or provide additional efficiencies or capabilities to the customer. If we lower our prices on some of our solutions, we will need to increase margins on other solutions in order to maintain overall profitability.
There are increased risks of performance problems and breaches during times when we are making significant changes to our solutions or systems we use to provide our solutions. In addition, changes to our solutions or systems, including cost savings initiatives, may cost more than anticipated, may not provide the benefits expected, may take longer than anticipated to develop and implement or may increase the risk of performance problems.
In order to respond to technological changes, such as continuing development in the areas of data analytics, machine learning, artificial intelligence and blockchain, among others, as well as regulatory changes and evolving security risks and industry standards, our solutions and the software and systems we use to provide our solutions must be continually updated and enhanced. Because some of the software and systems that we use to provide solutions to customers are inherently complex, changing, updating, enhancing or creating new versions of our solutions or the software or systems we use to provide our solutions introduces a risk of errors or performance problems. We cannot be certain that errors will not arise in connection with any such changes, updates, enhancements or new versions, especially when first introduced. Even if our solutions do not have performance problems, technical and customer service personnel may have difficulties installing them or providing any necessary training and support to customers, and customers
may not follow our guidance on appropriate training, support and implementation for such solutions.
Implementation of changes in our technology and systems may cost more or take longer than originally expected and may require more testing than initially anticipated. While new, updated or enhanced solutions are tested in production, we cannot be sure that the testing will uncover all problems that may occur in actual use.
We also periodically implement efficiency measures and other cost-saving initiatives to improve our operating performance. These efficiency measures and other cost-saving initiatives may not provide the benefits anticipated or do so in the expected time frame. Implementation of these measures may also increase the risk of performance issues due to unforeseen impacts on our organization, systems and processes.
If significant problems occur as a result of these changes, we may fail to meet our contractual obligations to customers, which could result in claims being made against us or in the loss of customer relationships. These claims or lost customers may have a material adverse effect on our business, financial condition, results of operations and cash flows.
Lengthy sales, installation and implementation cycles for some of our solutions may result in delays or an inability to generate revenue from these solutions.
Some of our solutions have long sales, installation and implementation cycles, which could range from a few months to years or more from initial contact with the customer to completion of implementation and generation of revenue. How and when to implement, replace, or expand an information system, or modify or add business processes, are important decisions for healthcare organizations, and some customers may be reluctant to change or modify existing systems or processes. Some of the solutions we provide require significant capital expenditures and time commitments by our customers. Sales may be subject to delays due to customers’ internal procedures for deploying new systems and processes, and implementation may be subject to delays based on the availability of the internal customer resources needed. We may be unable to control many of the factors that will influence the timing of the buying decisions of existing or prospective customers or the pace at which installation and training may occur, including decisions by our customers to delay or cancel implementations. If we experience longer sales, installation and implementation cycles for our solutions, we may experience delays in generating, or a decreased ability to generate, revenue from these solutions, which could have a material adverse impact on our business, results of operations or financial condition. Furthermore, significant delays or failures to meet milestones established in our customer contracts may result in breach of contract, termination of the contract, damages and/or penalties as well as a reduction in our margins or a delay in our ability to recognize revenue.
We are highly dependent on transaction volumes in the U.S. healthcare industry, particularly payment and reimbursement transaction volumes, and any temporary or sustained decrease in healthcare transaction, payment or reimbursement volumes could have a material adverse impact on our business, results of operations or financial condition.
A significant portion of our revenue attributable to the ongoing use of or subscription to a service or solution after an initial sale or renewal without additional selling efforts is earned on a per transaction basis (or is derived from transaction-related services). As a result, much of our revenue is tied to customer transaction, payment and reimbursement volumes and is generally not required to be paid in the absence of healthcare transactions, which are not subject to minimum volume requirements under customer contracts. In addition, some contracts with customers can be terminated or not renewed without penalty and on little or no advance notice. As a result, this “recurring” revenue is highly dependent on us maintaining our customer base as well as on the transaction volume in the U.S. healthcare industry. For example, in the U.S. our revenue can be adversely affected by the impact of lower than normal healthcare utilization trends and other negative economic factors such as higher unemployment. Further, weakened economic conditions or a recession could reduce the amounts patients are willing or able to spend on healthcare services. As a result, patients may elect to delay or forgo seeking healthcare services and increases in unemployment rates are likely to cause commercial payer membership to decline, which could further reduce healthcare utilization and transaction volumes. In addition, such events could decrease payer or provider demand for our solutions, which could further adversely impact revenue, including “recurring” revenue.
Various factors may cause continued temporary or sustained disruption to U.S. healthcare transaction volumes. The impact such disruptions would have on our business will depend upon the magnitude and duration of any such disruption. Factors include, among others:
•the financial stability of customers and the U.S. healthcare industry, and the impact of any fundamental corporate changes to healthcare providers and payers, such as hospital and insurance consolidations, on the cost and availability of, and the rate of reimbursement for, healthcare services, including due to the aftermath of the COVID-19 pandemic;
•political, legislative, regulatory and other changes in how healthcare services are covered, delivered and reimbursed, including any future changes to the ACA, Medicare, Medicaid and other federal, state and local healthcare regulations, as well as any future changes due to the COVID-19 pandemic;
•factors that may affect demand for healthcare services, such as high unemployment, rising healthcare costs and increased copayment requirements; and
•general economic conditions.
Any temporary or sustained decrease in healthcare transaction, payment or reimbursement volumes in the U.S. could have a material adverse impact on our business, results of operations or financial condition.
Our business would be adversely affected if we cannot obtain, process or distribute the highly regulated data we require to provide our solutions.
Our business relies on our ability to obtain, process, monetize and distribute highly regulated data in the healthcare and other industries, in a manner that complies with applicable laws, regulations and contractual and technological restrictions. The failure by us or our data suppliers and processors to obtain and provide data in a compliant manner could have a harmful effect on our ability to use and disclose data which in turn could impair our functions and operations, including our ability to share data with third parties or incorporate it into our services and offerings. In addition, the use, processing and distribution of data may require us or our data suppliers and processors to obtain consent from third parties or follow additional laws, regulations or contractual and technological restrictions that apply to the healthcare and other industries. These requirements could interfere with or prevent creation or use of rules and analyses or limit other data-driven activities that benefit us. Moreover, due to lack of valid notice, permission or waiver, we may be subject to claims or liability for use or disclosure of information. We have policies and procedures in place to address the proper handling and use of data, but could face claims that our practices occur in a manner not permitted under applicable laws or our agreements with or obligations to data providers, individuals or other third parties. See “—Breaches and failures of our IT systems and the security measures protecting them, and the sensitive information we transmit, use and store, expose us to potential liability and reputational harm” below for further discussion. These claims or liabilities and other failures to comply with applicable requirements could damage our reputation, subject us to unexpected costs and could have a material adverse impact on our business, results of operations or financial condition.
Failure by our customers to obtain proper permissions or provide us with accurate and appropriate information may result in claims against us or may limit or prevent our use of information, which could harm our business. Additionally, privacy concerns relating to our business could damage our reputation and deter current and potential customers from using our solutions.
To the extent we are not otherwise permitted to use and/or disclose customer information, we require our customers to provide necessary notices and obtain necessary permissions for the use and disclosure of the information that we receive from our member engagement, member eligibility, billing and coding and other solutions. If they do not provide necessary notices or obtain necessary permissions, then our use and disclosure of information that we receive from them or on their behalf may be limited or prohibited by federal or state privacy or other laws. Such failures by our customers could impair our functions, processes and databases that reflect, contain or are based upon such information. For example, as part of our claims submission services, we rely on our customers to provide us with accurate and appropriate information and directives for our actions. While we have implemented features and safeguards relating to the accuracy and completeness of claims content, these features and safeguards may not be sufficient to prevent inaccurate claims data from being submitted to payers. In addition, such failures by our customers could interfere with or prevent creation or use of rules, analyses or other data-driven activities that benefit us or make our solutions less useful. Accordingly, we may be subject to claims or liability for inaccurate claims data submitted to payers or for use or disclosure of information by reason of lack of valid notice or permission. As another example, we rely on our customers to provide us with accurate and appropriate billing and coding information, including provider enrollment information and medical necessity information. While we have implemented features and safeguards relating to provider enrollment and medical necessity requirements, these features and safeguards may not be sufficient to prevent inaccurate or incomplete billing and coding claims from being submitted to payers. Accordingly, we may be subject to claims or liability for inaccurate or incomplete billing and coding claims. These claims or liabilities could damage our reputation, subject us to unexpected costs and could have a material adverse impact on our business, results of operations or financial condition.
Additionally, in recent years, consumer advocates, media and elected officials increasingly and publicly have criticized companies in data focused industries regarding the collection, storage and use of personal data, including the licensing of de-identified data, by such companies. Concerns about our practices with regard to the collection, use, disclosure or security of personal information, the licensing of de-identified data, or other privacy related matters, even if unfounded, could damage our reputation and adversely affect our business, results of operations or financial condition. Additionally, to the extent we are permitted to de-identify protected health information and use de-identified information for our purposes, determining whether such protected health information has been sufficiently de-identified to comply with the HIPAA privacy standards and our contractual obligations can require complex factual and statistical analyses and is subject to interpretation and judgment. Accordingly, we may be subject to claims or liability for failure to sufficiently de-identify data to comply with the HIPAA privacy standards and our contractual obligations. These claims or liabilities could damage our reputation, subject us to unexpected costs and could have a material adverse impact on our business, results of operations or financial condition.
Certain of our solutions present the potential for embezzlement, identity theft or other similar illegal behavior by our employees or vendors and a failure of our employees or vendors to observe quality standards or adhere to environmental, social and governance standards could damage our reputation.
Among other things, our solutions include printing and mailing checks and/or facilitating electronic funds transfers for our payer customers and handling mail and payments from payers and from patients for many of our provider customers. These services frequently include handling original checks, payment card information, banking account information and may include currency. Even when we do not facilitate payments or handle original documents or mail, our services also involve the use and disclosure of personal and business information that could be used to impersonate third parties or otherwise gain access to their data or funds. If any of our employees or vendors or other bad actors takes, converts or misuses such funds, documents or information, or we experience a data breach creating a risk of identity theft, we could be liable for damages, and our reputation could be damaged or destroyed. In addition, we could be perceived to have facilitated or participated in illegal misappropriation of funds, documents or data and, therefore, be subject to civil or criminal liability. Federal and state regulators may take the position that a data breach or misdirection of data constitutes an unfair or deceptive act or trade practice. We also may be required to notify individuals affected by any data breaches. Further, a data breach or similar incident could impact the ability of our customers that are creditors to comply with the federal “red flags” rules, which require the implementation of identity theft prevention programs to detect, prevent and mitigate identity theft in connection with customer accounts.
Many of our licensees and vendors are subject to specified product quality standards and other requirements pursuant to the related licensing or supply agreements. The non-compliance by these entities with the terms and conditions of their respective contracts that pertain to health and safety standards, quality control, product consistency, compliance with law, or proper marketing or other business practices, may adversely impact the goodwill of our business. We may not be able to adequately prevent such practices, which could harm the value of our business, result in the abandonment, dilution or invalidity of trademarks associated with our business and adversely affect our results of operations or financial condition. In addition, such licensees and suppliers could violate environmental, social and governance standards or engage in unethical conduct. Further, despite our policies to the contrary, we may not be able to control the conduct of every individual actor, and our employees and personnel may violate environmental, social or governance standards or engage in other unethical conduct. These acts could adversely impact the reputation of our business.
Contractual relationships with customers that are governmental agencies or are funded by government programs may impose special burdens on us and provide special benefits to those customers.
A portion of our revenue comes from customers that are governmental agencies or are funded by government programs. Our contracts and subcontracts may be subject to some or all of the following:
•termination when appropriated funding for the current fiscal year is exhausted;
•termination for the governmental customer’s convenience, subject to a negotiated settlement for costs incurred and profit on work completed, along with the right to place contracts out for bid before completion of the full contract term, as well as the right to make unilateral changes in contract requirements, subject to negotiated price adjustments;
•compliance and reporting requirements related to, among other things, agency-specific policies and regulations, information security, subcontracting requirements, equal employment opportunity, affirmative action for veterans and workers with disabilities and accessibility for the disabled;
•broad audit rights;
•ownership of inventions made with federal funding under the Bayh-Dole Act; and
•specialized remedies for breach and default, including setoff rights, risk allocation, retroactive price adjustments and civil or criminal fraud penalties, re-procurement expenses, as well as mandatory administrative dispute resolution procedures instead of state contract law remedies.
In addition, certain violations of federal and state law may result in termination of our contracts and subcontracts, and under certain circumstances, suspension and/or debarment from future government contracts. We are also subject to conflict-of-interest rules that may affect our eligibility for some federal, state and local government contracts and subcontracts, including rules applicable to all U.S. government contracts and subcontracts, and rules applicable to specific agencies.
Our success depends in part on our ability to identify, recruit and retain skilled management and technical personnel (including while the UHG Transaction is pending). If we fail to recruit and retain suitable candidates or if our relationship with our employees changes or deteriorates, there could be a material adverse impact on our business, results of operations or financial condition.
Our future success depends upon our continuing ability to identify, attract, hire and retain highly qualified personnel, including skilled management, product, technology, sales and marketing personnel, all of whom are in high demand and are often subject to competing offers. Competition for qualified personnel in the healthcare IT industry is intense, and we may not be able to hire or retain a sufficient number of qualified personnel to meet our requirements, or be able to do so at salary, benefit and other compensation costs that are acceptable to us, including while the UHG Transaction is pending.
We continue to invest significantly in our sales force in order to obtain new customers and increase sales to existing customers. Our ability to achieve revenue growth depends, in large part, on our success in recruiting, training and retaining sufficient numbers of qualified sales personnel. A portion of current sales personnel are new to us, and new hires require significant training and may require a lengthy onboarding process before they achieve full productivity. Recent hires and planned hires may not become productive as quickly as expected. Additionally, if efforts to improve sales force productivity do not result in increased revenue, operating results could be negatively impacted due to increased operating expenses associated with these efforts.
A loss of a substantial number of qualified employees, or an inability to attract, retain and motivate additional highly skilled employees required for expansion of our business, could have a material adverse impact on our business, results of operations or financial condition. In addition, while none of our employees currently are unionized, unionization of our employees is possible in the future. Such unionizing activities could be costly to address and, if successful, likely would adversely impact our operations.
Risk Related to Cybersecurity and Information Technology
Breaches and failures of our IT systems and the security measures protecting them, and the sensitive information we transmit, use and store, expose us to potential liability and reputational harm.
Our business relies on sophisticated information systems to obtain, process, analyze, and manage data, affecting our ability to manufacture, purchase, distribute, and process products and services. In addition, we rely on vendors to service our IT systems. To the extent our IT systems are not successfully implemented or fail or our vendors fail in servicing our IT systems, our business and results of operations may be adversely affected.
To protect the sensitive and confidential information that we handle, we implement security measures and maintain information security policies and procedures in accordance with applicable regulatory requirements. Despite our security management efforts with respect to physical and technological infrastructure, employee training, vendor controls and contractual relationships, our infrastructure, data or other operation centers and systems used in connection with our business operations, including the internet and related systems of our vendors (including vendors to which we outsource data hosting, storage and processing functions) are vulnerable to, and may experience, unauthorized access to data and/or breaches of confidential information due to criminal conduct, physical break-ins, hackers, employee or insider malfeasance and/or improper employee or contractor access, computer viruses, programming errors, denial-of-service attacks, ransomware events, phishing schemes, fraud, terrorist attacks, human error or other breaches or similar disruptive problems. It is not possible to prevent all security threats to our systems and data. Techniques used to obtain unauthorized access, disable or degrade service or sabotage systems change frequently and may be difficult to detect for long periods of time. Further, defects in the design or manufacture of the hardware, software or applications we develop or procure from third parties could compromise our IT systems. These events, including unauthorized access, misappropriation, disclosure or loss of sensitive information (including financial or personal health information) or a significant disruption of our network, expose us to risks including risks to our ability to provide our solutions and fulfill contractual demands, management distraction and the obligation to devote significant financial and other resources to mitigate such problems and increases to our future information security costs, including through organizational changes, deploying additional personnel and protection technologies, further training of employees, changing vendor control practices, and engaging third-party experts and consultants. Moreover, unauthorized access, use or disclosure of certain sensitive information in our possession or our failure to satisfy legal requirements, including requirements relating to safeguarding protected health information under HIPAA and personal information under the EU’s General Data Protection Regulations (“GDPR”) or state data privacy laws. See “—We are unable to predict what changes to laws, regulations and other requirements, including related contractual obligations, might be made in the future or how those changes could affect our business or the costs of compliance” below for further discussion. This could result in civil and criminal liability and regulatory action, which could result in potential fines and penalties, as well as costs relating to investigation of an incident or breach, corrective actions, required notifications to regulatory agencies and customers, credit monitoring services and other necessary expenses. In addition, actual or perceived breaches of our security management efforts can cause existing customers to terminate their relationship with us and deter existing or prospective customers from using or purchasing our solutions in the future. These events can have a material adverse impact on our business, results of operations, financial condition and reputation.
Our products and services involve processing personal information. Like many organizations, we have been and expect to routinely be the target of attempted cyber and other security threats by outside third parties, including technically sophisticated and well-resourced bad actors attempting to access or steal the data we store. Vendor, insider, or employee cyber and security threats also occur and are a significant concern for all companies, including us. High-profile security incidents involving improper access to personal information of individuals both within and outside of the healthcare industry continue to be a pervasive threat to organizations. Incidents that we are aware of outside of our organization have often resulted in lawsuits and governmental enforcement actions that have sought or obtained significant fines and penalties, and have required companies to enter into agreements with government regulators that impose ongoing obligations and requirements, including internal and external (third-party) monitorships for five years or more. We maintain liability insurance coverage including coverage for errors and omissions and cyber liability. However, claims may not be covered or could exceed the amount of our applicable insurance coverage, if any, or such coverage may not continue to be available on acceptable terms or in sufficient amounts.
Poor service, system errors or failures of our solutions to conform to specifications could cause unforeseen liabilities or injury, harm our reputation and have a material adverse impact on our business, results of operations or financial condition.
We must meet our customers’ service level expectations and our contractual obligations with respect to our solutions. Failure to do so could subject us to liability or cause us to lose customers. In some cases, we rely on third-party vendors to assist us in providing our solutions. Therefore, our ability to meet our contractual obligations and customer expectations may be impacted by the performance of our vendors and their ability to comply with applicable laws and regulations. For example, our electronic payment and remittance solutions depend in part on the ability of our vendors to comply with applicable banking, financial service and payment card industry requirements and their failure to do so could cause an interruption in the solutions we provide or require us to seek alternative solutions or relationships. We likely will incur increased development costs to upgrade our software to be in compliance with changing and evolving standards, and delays may result in connection therewith. If our solutions are not in compliance with these evolving standards, our market position and sales could be adversely affected and we may have to invest significantly in changes and updates to our solutions, which could materially and adversely impact our business, financial condition and results of operations.
Some of our solutions are intended to provide information to healthcare professionals delivering patient care. Although our contracts disclaim liability for medical decisions and responsibility for patient care, if use of or inability to use our solutions leads to faulty clinical decisions or injury to patients, such disclaimers may be unenforceable and we could be subject to claims or litigation, including product liability and warranty claims, by healthcare professionals, their patients or customers. Product liability and warranty claims often involve very large or indeterminate amounts, including punitive damages. The magnitude of potential losses from product liability lawsuits may remain unknown for substantial periods of time, and the related legal defense costs may be significant. We could experience material warranty or product liability losses in the future and incur significant costs to defend these claims. In addition, if any of our products or services are, or are alleged to be, defective, we may voluntarily participate, or be required to participate, in a recall of that product or service. In the event of a recall, we may lose sales and be exposed to individual or class-action litigation claims. Further, negative publicity regarding a quality or safety issue, whether accurate or inaccurate, could harm our reputation, decrease demand for our solutions, lead to withdrawals of our solutions or impair our ability to successfully launch and market our solutions in the future. Product liability, warranty and recall costs may have a material adverse effect on our business, financial condition, results of operations and cash flows.
Some of the software and systems that we use to provide our solutions are inherently complex and errors or downtime could negatively impact our customers. For example, because we collect and manage large amounts of data, it is possible that hardware failures and errors in our systems could result in data loss or corruption or cause the information that we collect to be incomplete or contain inaccuracies that our customers could regard as significant. In addition, errors in our transaction processing systems could result in payers paying the wrong amount, payers making payments to the wrong payee or delayed payments. Although we seek to address any errors or downtime with updates to the software and systems, if we are unable to promptly remedy any errors or our customers do not implement system updates, the software and systems could be compromised or our customers could experience prolonged downtimes relating to the software and systems. If problems occur or persist, our customers may seek compensation from us, seek to terminate their contracts, withhold payments, seek refunds from us of part or all of the fees charged under our contracts, ask us to reconstruct lost or corrupted data at our expense, request a loan or advancement of funds or initiate litigation or other dispute resolution procedures. We also may be subject to claims by others affected by any such problems. Further, some of our existing and prospective customers may be reluctant or unwilling to use cloud-based services because they have concerns regarding the risks associated with the security and reliability of the technology delivery model associated with these services. If our existing or prospective customers do not perceive the benefits of our services, then the market for these solutions may not expand as much or develop as quickly as we expect, either of which would adversely affect our business, financial condition or results of operations.
We attempt to limit, by contract, our liability for damages arising from our negligence, errors, mistakes or security breaches. However, contractual limitations on liability may not be accepted by our customers, may not be enforceable or may otherwise not provide sufficient protection to us from liability for damages. We maintain liability insurance coverage, including coverage for errors and omissions and cyber-liability. It is possible, however, that claims could be denied or exceed the amount of our applicable insurance coverage or that coverage may not continue to be available on acceptable terms or in sufficient amounts. Even if claims do not result in liability to us, investigating and defending against them could be expensive and time consuming and could divert management’s attention away from our operations. In addition, negative publicity caused by these events may negatively impact our customer relationships, market acceptance of our solutions, including unrelated solutions, or may harm our reputation and business.
We rely on internet infrastructure, bandwidth providers, data center providers, other third parties and our own systems in providing certain of our solutions to our customers, and any failure or interruption in the services provided by these third parties or our own systems could expose us to litigation and negatively impact our relationships with customers, adversely affecting our business, results of operations or financial condition.
Our business operations depend on the development and maintenance of the infrastructure of telecommunications services and on our ability to maintain and protect our network and computer systems. This includes maintenance of a reliable network connection with the necessary speed, data capacity and security for providing reliable internet access and services and reliable
telephone and facsimile services. As a result, our information systems require an ongoing commitment of significant resources to maintain and enhance existing systems and develop new systems in order to keep pace with continuing changes in IT, emerging cybersecurity risks and threats, evolving industry and regulatory standards and changing preferences of our customers. Many of our network and computer solutions are located in our primary data and operations centers that we own and operate and some are outsourced to third-party hosting providers. We have consolidated several satellite data centers and plan to continue such consolidation. We also provide remote and cloud hosting services that involve operating our software and the software of vendors for our customers.
Our operations and facilities are vulnerable to interruption and/or damage from a number of sources, many of which are beyond our control, including, without limitation: power loss and telecommunications failures; fire, flood, hurricane, tornado and other natural disasters; software and hardware errors, failures or crashes; and cyber and ransomware attacks, computer viruses, hacking, break-ins, sabotage, intentional acts of vandalism and other similar disruptive problems. The occurrence of any of these events could result in interruptions, delays or cessations in service to users of our solutions, which could impair or prohibit our ability to provide our solutions, reduce the attractiveness of our solutions to our customers and could have a material adverse impact on our business, results of operations or financial condition. If customer access to our solutions is interrupted because of problems in our operations or our facilities, we could be in breach of our agreements with customers and/or exposed to significant claims, particularly if the access interruption is associated with problems in the timely delivery of medical care.
We attempt to mitigate these risks through various means including disaster recovery and business continuity plans, penetration testing, vulnerability scans, patching and other information security procedures and cybersecurity and ransomware measures, insurance against fires, floods, other natural disasters, cyber-liability and general business interruptions, and customer and employee training and awareness, but our precautions cannot protect against all risks. Any significant instances of system downtime could negatively affect our reputation and ability to provide our solutions or remote hosting services, which could have a material adverse impact on our business, results of operations or financial condition.
We also rely on a number of vendors, such as cloud service providers, to provide us with a variety of solutions and services, including cloud-based data hosting, telecommunications and data processing services necessary for our transaction services and processing functions and software developers for the development and maintenance of certain software products we use to provide our solutions. As a result, our disaster recovery and business continuity plans may rely, in part, on vendors of related services. We exercise limited control over vendors, which increases our vulnerability to problems with services they provide. Any errors, failures, interruptions or delays experienced in connection with vendor technologies and information services or our own systems could negatively impact our relationships with partners, adversely affect our business and could expose us to liabilities. Although we maintain insurance for our business, the coverage under our policies may not be adequate to compensate us for all losses that may occur. In addition, we cannot provide assurance that we will continue to be able to obtain adequate insurance coverage at an acceptable cost. If vendors do not fulfill their contractual obligations, have system failures or choose to discontinue their products or services, our business and operations could be disrupted, our brand and reputation could be harmed, and our financial condition or results of operations could be adversely affected.
The reliability and performance of our internet connection may be harmed by increased usage or by denial-of-service attacks. The internet has experienced a variety of outages and other delays as a result of damage to portions of our infrastructure, and it could face outages and delays in the future. Outages and delays could reduce the level of internet usage as well as the availability of the internet to us for delivery of our internet-based solutions.
As a result of the complexity of the issues facing healthcare providers and payers and the inherent complexity of our solutions to such issues, our customers depend on our support organization to resolve any technical issues relating to our offerings. In addition, our sales process is highly dependent on the quality of our offerings, on our business reputation and on strong recommendations from our existing customers. We may be unable to respond quickly enough to accommodate short-term increases in customer demand for support services. We also may be unable to modify the format of our support services to compete with changes in support services provided by our competitors. It is difficult to predict customer demand for technical support services and, if customer demand increases significantly, we may be unable to provide satisfactory support services to our customers and their constituents. Failure to maintain high-quality and highly responsive technical support could harm our reputation, adversely affect our ability to sell our offering to existing and prospective customers and harm our business, results of operations and financial condition.
Our infrastructure, data or other operation centers and systems used in our business operations, including the internet and related systems of our vendors are vulnerable to, and from time to time experience, unauthorized access to data and/or breaches of confidential information.
In recent years, there have been a number of well-publicized data breaches involving the improper dissemination of personal information of individuals both within and outside of the healthcare industry. Most states require holders of personal information to maintain safeguards and take certain actions in response to a data breach, such as providing prompt notification of the breach to affected individuals or the state’s attorney general. In some states, laws are limited to electronic data, but states increasingly are
enacting or considering stricter and broader requirements. Additionally, HIPAA imposes certain notification requirements on both Covered Entities and Business Associates. A non-permitted use or disclosure of protected health information is presumed to be a breach under HIPAA unless the Covered Entity or Business Associate establishes that there is a low probability the information has been compromised consistent with requirements enumerated in HIPAA.
Further, the FTC has prosecuted certain data breach cases as unfair and deceptive acts or practices under the Federal Trade Commission Act. By regulation, the FTC requires creditors, which may include some of our customers, to implement identity theft prevention programs to detect, prevent and mitigate identity theft in connection with customer accounts. Although Congress passed legislation that restricts the definition of “creditor” and exempts many healthcare providers from complying with this identity theft prevention rule, we may be required to apply additional resources to our existing processes to assist our affected customers in complying with this rule.
Despite our security management efforts with respect to physical and technological infrastructure, employee training, vendor (and sub-vendor) controls and contractual relationships, our infrastructure, data or other operation centers and systems used in our business operations, including the internet and related systems of our vendors (including vendors to whom we outsource data hosting, storage and processing functions) are vulnerable to, and from time to time experience, unauthorized access to data and/or breaches of confidential information due to criminal conduct, physical break-ins, hackers, employee or insider malfeasance and/or improper employee or contractor access, computer viruses, programming errors, denial-of-service attacks, ransomware events, phishing schemes, fraud, terrorist attacks, human error or other breaches by insiders or third parties or similar disruptive problems. It is not possible to prevent all security threats to our systems and data. See “—Breaches and failures of our IT systems and the security measures protecting them, and the sensitive information we transmit, use and store, expose us to potential liability and reputational harm.”
Risks Related to International Operations
We are subject to risks associated with our international operations.
We market, sell and support our solutions internationally. While currently not a significant source of our revenue and profitability, we plan to continue to expand our non-U.S. operations and continue to focus on developing successful direct and indirect non-U.S. sales and support channels. Non-U.S. operations are subject to inherent risks, and our business, results of operations and financial condition, including our revenue growth and profitability, could be adversely affected by a variety of uncontrollable and changing factors. These include, but are not limited to:
•greater difficulty in collecting accounts receivable and longer collection periods;
•difficulties and costs of staffing and managing non-U.S. operations;
•the impact of global economic and political market conditions;
•effects of sovereign debt conditions, including budgetary constraints;
•expansion of economic sanctions or trade restrictions;
• increased geo-political tensions, including the conflict between Russia and Ukraine;
•unfavorable or volatile foreign currency exchange rates;
•legal compliance costs or business risks associated with our global operations where: (i) local laws and customs differ from, or are more stringent than those in the U.S., such as those relating to data privacy and data security, or (ii) risk is heightened with the FCPA, the U.K. Anti-Bribery Act and similar laws and regulations in foreign jurisdictions;
•certification, licensing, or regulatory requirements, including obligations imposed on manufacturers and distributors of medical devices by non-U.S. regulatory agencies, and unexpected changes to those requirements;
•changes to or reduced protection of intellectual property rights in certain countries;
•greater difficulty in protecting, maintaining and obtaining registered intellectual property, such as patents and trademarks;
•potentially adverse tax consequences as a result of changes in tax laws or otherwise, and difficulties associated with repatriating cash generated or held abroad in a tax-efficient manner;
•different or additional functionality requirements or preferences;
•trade protection measures;
•export control regulations;
•disruption of, or loss of access to, regional IT or telecommunication networks;
•health service provider or government spending patterns or government-imposed austerity measures;
•natural disasters, war or terrorist acts; and
•labor disruptions that may occur in a country.
We rely on vendors and other third parties including vendors outside the U.S., for some of our IT infrastructure, development and maintenance, quality assurance, operations, and customer support.
We currently depend on various vendors and other third parties for substantial business functions, including with respect to our IT systems (including infrastructure, application development, purchase and distribution, payment processing, manufacturing, and
maintenance), business process outsourcing, call center services, customer support and similar services. Specifically, we outsource some of our software development and design, quality assurance, and operations activities to third-party vendors that have employees and consultants located outside the U.S. In February 2018, Change Healthcare LLC entered into a ten-year contract with Wipro in which it initially committed to purchase from Wipro at least $1.0 billion in outsourced professional services over the ten-year term of the contract; that commitment was reduced to $975.0 million in March 2020. If we fail to meet this minimum commitment, we may be forced to pay to Wipro 25% of the shortfall relative to the minimum commitment at the end of the term, thus increasing our costs without a commensurate increase in services provided to our business. If we had terminated the Wipro contract on March 31, 2022, we estimate that the termination fee would have been approximately $185.1 million, which represents the greater of (i) a termination fee equal to 25% of the remaining unspent minimum commitment and (ii) the remaining unrecovered costs incurred by Wipro in connection with its performance under the agreement. In addition, our dependence on Wipro and other third-party vendors creates a number of business risks—in particular, the risk that we may not maintain service quality, control or effective management with respect to these outsourcing arrangements of our business operations and that we cannot control the information systems, facilities or networks of such vendors.
Our results of operations could be adversely affected if the information systems, facilities or networks of a third party vendor are disrupted (including disruption of access), are damaged or fail, whether due to physical disruptions, such as fire, natural disaster, pandemic or power outage, or due to cyber-security incidents, ransomware or other actions of vendors, including labor strikes, political unrest and terrorist attacks. Moreover, because certain of our third-party vendors conduct operations for us outside the U.S., the political and military events in foreign jurisdictions could have an adverse impact on our outsourced operations. If we experience problems with our third-party vendors, if the costs charged by our third-party vendors increase or if our agreements with our third-party vendors are terminated, we may not be able to develop new solutions, enhance or operate existing solutions, or provide customer support in an alternate manner that is equally or more efficient and cost-effective.
Legislative changes and contractual limitations may impede our ability to utilize our offshore service capabilities.
In our operations, we have contractors and employees located outside of the U.S. who may have access to personal information, including protected health information. From time to time, Congress considers legislation that would restrict the transmission of personal information regarding a U.S. resident to any foreign affiliate, subcontractor or unaffiliated third party without adequate privacy protections or without providing notice to the identifiable individual of the transmission and an opportunity to opt out. Some of the proposals considered would have required patient consent and imposed liability on healthcare businesses arising from the improper sharing or other misuse of personal information. Congress also has considered creating a private civil cause of action that would allow an injured party to recover damages sustained as a result of a violation of these proposed restrictions. Furthermore, a number of states have considered prohibitions or limitations on the disclosure of personal information to individuals or entities located outside of the U.S. If this type of legislation is enacted, our ability to utilize offshore resources may be impeded, and we may be subject to sanctions for failure to comply with the new mandates of the legislation. In addition, the enactment of such legislation could result in such work being performed at a lower margin of profitability, or even at a loss.
In addition, CMS requires that some of our customers, including Medicare Advantage (“MA”) organizations and Medicare Part D prescription drug plans and their subcontractors, submit certain information regarding their offshore subcontractors and attest that measures have been taken to mitigate risk associated with sharing personal information with such offshore subcontractors. As a result, we may be required to submit information or an attestation and may be impacted by our customer’s failure to submit accurate and complete information or attestations. Further, as a result of concerns regarding the possible misuse of personal information, some of our customers have contractually limited or may seek to limit our ability to use our offshore resources which may increase our costs. Use of offshore resources may increase our risk of violating our contractual obligations to our customers to protect the privacy and security of personal information, which could adversely impact our reputation and our business. In addition, depending on the location of contractors and employees accessing personal information outside of the U.S., we may have additional compliance obligations under non-U.S. laws applicable to accessing, using, or otherwise processing personal information and transmitting that information back to the U.S.
Escalating global trade tensions, and the conflict between Russia and Ukraine, and the adoption or expansion of economic sanctions or trade restrictions could negatively impact us.
The conflict between Russia and Ukraine could lead to disruption, instability and volatility in global markets and industries that could negatively impact our business, results of operations and financial condition. The conflict has resulted in significant volatility in certain equity, debt and currency markets, material increases in certain commodity prices, and economic uncertainty. The conflict may also escalate and its resolution is unclear. The U.S. government and other governments have imposed severe sanctions against Russia and Russian interests and threatened additional sanctions and controls. Sanctions and export control laws and regulations are complex, frequently changing, and increasing in number, and they may impose additional legal compliance costs or business risks associated with our operations. Although the Company does not conduct business directly with companies based in
Ukraine, Russia or Belarus, the impact of these measures, as well as potential responses to them by Russia, is currently unknown and they could adversely affect our business, results of operations and financial condition.
Risks Related to Intellectual Property
The protection of our intellectual property requires substantial resources and protections of our proprietary rights may not be adequate.
We rely on a combination of trade secret, copyright and trademark laws, patents, license agreements, confidentiality procedures, nondisclosure agreements and technical measures designed to protect the intellectual property used in our business. The steps we have taken to protect and enforce our proprietary rights and intellectual property may not be adequate. For instance, we may not be able to secure trademark or service mark registrations for marks in the U.S. or in foreign countries or take similar steps to secure patents for our proprietary processes, methods and technologies. Even if we are successful in obtaining patent and/or trademark registrations, these registrations may be opposed or invalidated by a third party. In addition, our agreements with employees, consultants and others who develop intellectual property for or on behalf of us could be breached and could result in our trade secrets and confidential information being publicly disclosed. We may not have adequate remedies for any such breach. Third parties also may infringe upon or misappropriate our copyrights, trademarks, service marks, patents and other intellectual property rights. If we believe a third party has misappropriated our intellectual property, litigation may be necessary to enforce and protect those rights, which would divert management resources, would be expensive and may not effectively protect our intellectual property. Even if we establish infringement, a court may decide not to grant an injunction against further infringing activity and instead award only monetary damages, which may or may not be an adequate remedy. Furthermore, because of the substantial amount of discovery required in connection with intellectual property litigation, there is a risk that some of our confidential information could be compromised by disclosure during litigation. There could also be public announcements regarding the results of hearings, motions or other interim proceedings or developments. If analysts or investors perceive these results to be negative, it could have a material adverse effect on the price of shares of our common stock. Moreover, there is no assurance that we will have sufficient financial or other resources to file and pursue such infringement claims, which typically last for years before they are concluded. Even if we ultimately prevail in such claims, the monetary cost of such litigation and the diversion of the attention of our management and scientific personnel could outweigh any benefit we receive as a result of the proceedings. As a result, if we fail to maintain adequate intellectual property protection or if a third party infringes or misappropriates our intellectual property, it may have a material adverse impact on our business, results of operations or financial condition.
Our currently pending or future patent applications may not result in issued patents, or be approved on a timely basis, if at all. Similarly, any term extensions that we seek may not be approved on a timely basis, if at all. In addition, our issued patents, or any patents that may issue in the future, may not contain claims sufficiently broad to protect us against third parties with similar technologies or products or provide us with any competitive advantage, including exclusivity in a particular product area. The validity and scope of our patent claims also may vary between countries, as individual countries have their own patent laws. The validity, enforceability, scope and effective term of patents can be highly uncertain and often involve complex legal and factual questions and proceedings that vary based on the local law of the relevant jurisdiction. Our ability to enforce our patents also depends on the laws of individual countries and each country’s practice with respect to enforcement of intellectual property rights. Patent protection must be obtained on a jurisdiction-by-jurisdiction basis, and we only pursue patent protection in countries where we think it makes commercial sense for the given product. In addition, if we are unable to maintain our existing license agreements or other agreements pursuant to which third parties grant us rights to intellectual property, including because such agreements terminate, our financial condition and results of operations could be materially adversely affected.
Patent law reform in the U.S. and other countries may also weaken our ability to enforce our patent rights, or make such enforcement financially unattractive. For instance, in September 2011, the U.S. enacted the America Invents Act, which permits enhanced third-party actions for challenging patents and implements a first-to-invent system. These reforms could result in increased costs to protect our intellectual property or limit our ability to obtain and maintain patent protection for our products in these jurisdictions. Additionally, certain foreign governments have indicated that compulsory licenses to patents may be granted in the case of national emergencies, which could diminish or eliminate sales and profits from those regions and materially adversely affect our financial condition and results of operations.
Our trademarks, logos, and brands may provide us with a competitive advantage in the market as they may be known or trusted by consumers. In order to maintain the value of such brands, we must be able to enforce and defend our trademarks. We have pursued and will pursue the registration of trademarks, logos and service marks in the U.S. and internationally; however, enforcing rights against those who knowingly or unknowingly dilute or infringe our brands can be difficult. Effective trademark, service mark, trade dress or related protections may not be available in every country in which our solutions are available. Enforcement is especially difficult in first-to-file countries where ‘‘trademark squatters’’ can prevent us from obtaining adequate protections for our brands. There can be no assurance that the steps we have taken and will take to protect our proprietary rights in our brands and trademarks will be adequate or that third parties will not infringe, dilute or misappropriate our brands, trademarks, trade dress or other similar proprietary rights.
Many of our products are based on or incorporate proprietary information. We actively seek to protect our proprietary information, including our trade secrets and proprietary know-how, by generally requiring our employees, consultants, other advisors and other third parties to execute proprietary information and confidentiality agreements upon the commencement of their employment, engagement or other relationship. Despite these efforts and precautions, we may be unable to prevent a third party from copying or otherwise obtaining and using our trade secrets or our other intellectual property without authorization and legal remedies may not adequately compensate us for the damages caused by such unauthorized use.
In addition, there can be no assurance that our competitors will not independently develop products or services that are equivalent or superior to our solutions.
We may not be able to protect our intellectual property rights throughout the world.
Third parties may attempt to commercialize competitive products or services in foreign countries where we do not have any patents or patent applications and where legal recourse may be limited. This may have a significant commercial impact on our foreign business operations.
Filing, prosecuting and defending patents on our solutions in all countries throughout the world would be prohibitively expensive, and our intellectual property rights in some countries outside the U.S. may be less extensive than those in the U.S. The requirements for patentability may differ in certain countries, particularly developing countries. For example, Europe has a heightened requirement for patentability of software inventions. Thus, even in countries where we do pursue patent protection, there can be no assurance that any patents will issue with claims that cover our solutions. In addition, the laws of some foreign countries do not protect intellectual property rights to the same extent as laws in the U.S. Consequently, we may not be able to prevent third parties from practicing our inventions in all countries outside the U.S. Competitors may use our technologies in jurisdictions where we have not obtained patent protection to develop their own products and services and further, may export otherwise infringing products and services to territories where we have patent protection, but enforcement on infringing activities is inadequate. These products or services may compete with our products or services, and our patents or other intellectual property rights may not be effective or sufficient to prevent them from competing.
Many companies have encountered significant problems in protecting and defending intellectual property rights in foreign jurisdictions. The legal systems of certain countries, particularly certain developing countries, do not favor the enforcement of patents and other intellectual property protection, which could make it difficult for us to stop the infringement of our patents or marketing of competing products in violation of our proprietary rights generally. Proceedings to enforce our patent rights in foreign jurisdictions could result in substantial costs and divert our efforts and attention from other aspects of our business, could put our patents at risk of being invalidated or interpreted narrowly and our patent applications at risk of not issuing, and could provoke third parties to assert claims against us. We may not prevail in any lawsuits that we initiate, and the damages or other remedies awarded, if any, may not be commercially meaningful. In addition, certain countries in Europe and certain developing countries, including India and China, have compulsory licensing laws under which a patent owner may be compelled to grant licenses to third parties. In those countries, we may have limited remedies if our patents are infringed or if we are compelled to grant a license to our patents to a third party, which could materially diminish the value of those patents. This could limit our potential revenue opportunities. Accordingly, our efforts to enforce our intellectual property rights around the world may be inadequate to obtain a significant commercial advantage from the intellectual property that we own or license. Finally, our ability to protect and enforce our intellectual property rights may be adversely affected by unforeseen changes in foreign intellectual property laws.
Third parties may claim that we or our distributors or licensors are infringing their intellectual property, and we could suffer significant litigation or licensing expenses or be prevented from selling certain solutions.
We or our distributors and licensors could be subject to claims that we are misappropriating or infringing intellectual property (including patents, trademarks, trade dress, copyrights, trade secrets, domain names) or other proprietary rights of others. We may become subject to preliminary or provisional rulings in the course of any such litigation, including potential preliminary injunctions requiring us to cease some or all of our operations. Similarly, if any litigation to which we are a party is resolved adversely, we may be subject to an unfavorable judgment that may not be reversed upon appeal. These claims, even if not meritorious, could be expensive to defend and divert management’s attention from our operations and even if we believe it does not infringe a validly existing third-party right we may choose to license such rights. If we or our distributors or licensors become liable to third parties for infringing these rights, we could be required to pay a substantial damage award, including treble damages in some cases, and to develop non-infringing technology, obtain a license, which may not be available on commercially reasonable terms, or stop activities or services that use or contain the infringing intellectual property, which could include a recall or cessation of sales in the future. We may also decide to settle such matters on terms that are unfavorable to us. We may be unable to develop non-infringing solutions or obtain a license on commercially reasonable terms, or at all. We also may be required to indemnify our customers if they become subject to third party claims relating to intellectual property that we license or otherwise provide to them, which could be costly.
The intellectual property positions of pharmaceutical and health IT services frequently involve complex legal and factual questions. For example, while we generally enter into proprietary information agreements with our employees and third parties which
assign intellectual property rights to us, these agreements may not be honored or may not effectively assign intellectual property rights to us under the local laws of some countries or jurisdictions. We cannot be certain that a competitor or other third party does not have or will not obtain rights to intellectual property that may prevent us from manufacturing, developing or marketing certain of our products, regardless of whether we believe such intellectual property rights are valid and enforceable or we believe we would otherwise be able to develop a more commercially successful product, which may materially adversely affect our business, financial condition and results of operations.
Our solutions depend, in part, on intellectual property and technology licensed from third parties.
Much of our business and many of our solutions rely on key technologies or content developed or licensed by third parties. For example, many of our software offerings are developed using software components or other intellectual property licensed from third parties, including both proprietary and open source licenses. These third-party software components may become obsolete, defective or incompatible with future versions of our solutions, or our relationship with the third-party licensor may deteriorate, or our contracts with the third-party licensor may expire or be terminated. In addition, like most other service providers in the healthcare industry, many of our products rely on proprietary healthcare codes, descriptive terms and other content, such as Current Procedural Terminology codes (“CPT” codes), that third parties, such as the American Medical Association (“AMA”) develop and license for the purpose of maintaining standard language and coding throughout the healthcare industry. Because CPT codes are licensed by the AMA on reasonable and non-discriminatory terms, we anticipate the continued availability of such content; however, if we are unable to maintain an ongoing license for such content, certain of our products may become partially or entirely incompatible with the healthcare industry. We may also face legal or business disputes with licensors that may threaten or lead to the disruption of inbound licensing relationships. In order to remain in compliance with the terms of our licenses, we must carefully monitor and manage our use of third-party software components, including both proprietary and open source license terms that may require the licensing or public disclosure of our intellectual property without compensation or on undesirable terms. Because the availability and cost of licenses from third parties depends upon the willingness of third parties to deal with us on the terms we request, there is a risk that third parties who license to our competitors either will refuse to license to us at all, or refuse to license to us on terms equally favorable to those granted to our competitors. Consequently, we may lose a competitive advantage with respect to these intellectual property rights or we may be required to enter into costly arrangements in order to terminate or limit these rights. Additionally, some of these licenses may not be available to us in the future on terms that are acceptable or that allow our solutions to remain competitive. Our inability to obtain licenses or rights on favorable terms could have a material effect on our business, including our financial condition and results of operations. In addition, it is possible that as a consequence of a merger or acquisition, third parties may obtain licenses to some of our intellectual property rights or our business may be subject to certain restrictions that were not in place prior to such transaction. Because the availability and cost of licenses from third parties depends upon the willingness of third parties to deal with us on the terms we request, there is a risk that third parties who license to our competitors either will refuse to license to us at all, or refuse to license to us on terms equally favorable to those granted to our competitors. Consequently, we may lose a competitive advantage with respect to these intellectual property rights or we may be required to enter into costly arrangements in order to terminate or limit these rights.
Our use of open source technology could impose limitations on our ability to commercialize our solutions.
Our solutions incorporate open source software components that are licensed to us under various public domain licenses. Some open source software licenses require users who distribute open source software as part of their software to publicly disclose all or part of the source code to such software or make available any derivative works of the open source code on unfavorable terms or at no cost. There is little or no legal precedent governing the interpretation of many of these licenses and therefore the potential impact of such licenses on our business is not fully known or predictable. There is a risk that such licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our ability to market our solutions.
While we monitor our use of open source software and try to ensure that none is used in a manner that would require us to disclose our source code or that would otherwise breach the terms of an open source license, such use could inadvertently occur and we may be required to release our proprietary source code, pay damages for breach of contract, re-code or engineer one or more of our offerings, discontinue sales of one or more of our solutions in the event re-engineering cannot be accomplished on a timely basis or take other remedial action that may divert resources away from our development efforts, any of which could cause us to breach obligations to our customers, harm our reputation, result in customer losses or claims, increase our costs or otherwise adversely affect our business and results of operations.
Risks Related to Government Regulation and other Legal Risks
Recent and future developments in the healthcare industry could have a material adverse impact on our business, results of operations or financial condition.
Almost all of our revenue is derived from the healthcare industry, which is highly regulated and subject to changing political, legislative, regulatory and other influences. For example, the ACA changes how healthcare services are covered, delivered and reimbursed. The ACA mandates that substantially all U.S. citizens maintain health insurance coverage, expands health insurance
coverage through a combination of public program expansion and private sector reforms, reduces Medicare program spending and promotes value-based purchasing. The previous presidential administration made significant efforts to repeal or weaken the ACA. For example, under the previous presidential administration, CMS indicated its intent to increase flexibility in state Medicaid programs, including by expanding the scope of waivers under which states may implement Medicaid expansion provisions, imposing different eligibility or enrollment restrictions, or otherwise implementing programs that vary from federal standards. At the same time, members of Congress have in recent years proposed measures that would expand the role of government-sponsored coverage, including single payer or so-called “Medicare-for-All” proposals, which could have far-reaching implications for the healthcare industry if enacted.
While the current presidential administration has signaled its intent to strengthen the ACA and undo previous agency actions that were aimed at weakening the ACA under the former administration, we are unable to predict the full impact of the ACA and other health reform initiatives on our operations in light of the uncertainty regarding whether, when and how the ACA will be further changed, what alternative reforms (including single payer proposals), if any, may be enacted, the timing of enactment and implementation of alternative provisions and the impact of alternative provisions on various healthcare industry participants. Because many of our solutions are designed to assist customers in effectively navigating the shift to value-based healthcare, the elimination of, or significant revisions to, various value-based healthcare initiatives may adversely impact our business.
While many of the provisions of the ACA and other health reform initiatives may not be directly applicable to us, initiatives affect the businesses of our customers and the Medicaid programs. For example, as a result of Medicare payment reductions and other reimbursement changes mandated under the ACA, our customers may attempt to seek price concessions from us or reduce their use of our solutions, especially if provisions expanding coverage are repealed without eliminating the payment reductions or other reimbursement changes. Thus, the ACA may result in a reduction of expenditures by customers or potential customers in the healthcare industry, which could have a material adverse impact on our business, results of operations or financial condition. In addition, certain government programs, such as the Bundled Payments for Care Improvement initiative and the Accountable Care Organization Shared Savings Program, may impact reimbursement to our customers, which could have a material adverse impact on our business, results of operations or financial condition. Further, the general uncertainty of healthcare reform efforts, particularly if Congress repeals provisions of the ACA but delays the implementation date of repeal or fails to enact replacement provisions at the time of repeal, may negatively impact purchase decisions or demand for our solutions.
Moreover, there are numerous federal, state and private initiatives seeking to increase the use of IT in healthcare as a means of improving care and reducing costs. For example, the HITECH Act, which was enacted in 2009, and the Cures Act, which was enacted in 2016, contain incentives and penalties to promote the use of EHR technology and the efficient exchange of health information electronically. Further, the Cures Act provides for penalties to be imposed on IT developers, health information exchanges or networks and health providers that are found to improperly block the exchange of health information. In March 2020, the ONC and CMS released final regulations concerning interoperability and information blocking. The final ONC rules address, among other things, the kinds of industry behaviors that do and do not constitute information blocking under the Cures Act and include new criteria involving exporting electronic health information and standardized APIs for patient services. Health IT developers, exchanges, or networks that do engage in such information blocking by knowingly adopting practices that are likely to interfere with, prevent, or materially discourage the access, exchange, or use of electronic health information, may be subject to civil monetary penalties of up to $1 million per violation. These new rules are not currently applicable to us, but they may be modified to become applicable to us later. These and other initiatives may result in additional or costly legal or regulatory requirements, may encourage more companies to enter our markets, may provide advantages to our competitors and may result in the development of competitive technology solutions. Any such initiatives also may result in a reduction of expenditures by existing or potential customers, which could have a material adverse impact on our business, results of operations or financial condition.
In addition, other general reductions in expenditures by healthcare industry constituents could result from, among other things, government regulation or private initiatives that affect the manner in which providers interact with patients, payers or other healthcare industry constituents, including changes in pricing or means of delivery of healthcare solutions. In addition, cost containment efforts at the federal and state levels may affect industry expenditures. For example, the Budget Control Act of 2011 requires automatic spending reductions to reduce the federal deficit. CMS began imposing a 2% reduction on payments of Medicare claims in 2013. These reductions have been extended through 2029.
Even if general expenditures by healthcare industry constituents remain the same or increase, other developments in the healthcare industry may reduce spending on healthcare IT and services or in some or all of the specific markets we serve or are planning to serve. In addition, our customers’ expectations regarding pending or potential healthcare industry developments also may affect their budgeting processes and spending plans with respect to the types of solutions we provide. For example, use of our solutions could be affected by:
•changes in the billing patterns of providers;
•changes in the design of health insurance plans;
•changes in the contracting methods payers use in their relationships with providers;
•decreases in marketing expenditures by pharmaceutical companies or medical device manufacturers; and
•implementation of government programs that streamline and standardize eligibility enrollment processes, which could result in decreased pricing or demand for our eligibility and enrollment solutions.
The healthcare industry has changed significantly in recent years, and we expect that significant changes will continue to occur. The timing and impact of developments in the healthcare industry are difficult to predict. We cannot be sure that the markets for our solutions will continue to exist at their current levels, will not change in ways that adversely affect us or that we will have adequate technical, financial and marketing resources to react to changes in those markets.
Government regulation, industry standards and other requirements create risks and challenges with respect to our compliance efforts and our business strategies.
The healthcare industry is highly regulated and subject to frequently changing laws, regulations, industry standards and other requirements. Many healthcare laws and regulations are complex, and their application to specific solutions, services and relationships may not be clear. Because our customers are subject to various requirements, we may be impacted as a result of our contractual obligations even when we are not directly subject to such requirements. In particular, many existing healthcare laws and regulations, when enacted, did not anticipate the healthcare IT solutions and services that we provide, and these laws and regulations may be applied to our solutions in ways that we do not anticipate. The ACA, efforts to repeal or materially change the ACA, and other federal and state efforts to reform or revise aspects of the healthcare industry or to revise or create additional legal or regulatory requirements could impact our operations, the use of our solutions and our ability to market new solutions, or could create unexpected liabilities for us.
We also may be impacted by non-healthcare laws, industry standards and other requirements. For example, laws, regulations and industry standards regulating the banking and financial services industry may impact our operations as a result of the payment and remittance services we offer directly or through vendors. Additionally, laws and regulations governing how we communicate with our customers and our customers’ patients may impact our operations and, if not followed, would result in fines, penalties and other liabilities and adverse publicity and injury to our reputation.
We are unable to predict what changes to laws, regulations and other requirements, including related contractual obligations, might be made in the future or how those changes could affect our business or the costs of compliance.
We have attempted to structure our operations to comply with laws, regulations and other requirements applicable to us directly and to our customers and contractors, but there can be no assurance that our operations will not be challenged or impacted by enforcement initiatives. We have been, and in the future may become, involved in governmental investigations, audits, reviews and assessments. Certain of our businesses have been reviewed or are currently under review, including for compliance with various legal, regulatory or other requirements. Any determination by a court or agency that our solutions violate, or cause our customers to violate, applicable laws, regulations or other requirements could subject us or our customers to civil or criminal penalties. Such a determination also could require us to modify or terminate portions of our business, disqualify us from serving customers that do business with government entities or cause us to refund some or all of our service fees or otherwise compensate our customers. In addition, failure to satisfy laws, regulations or other requirements could adversely affect demand for our solutions and could force us to expend significant capital, research and development and other resources to address the failure. Even an unsuccessful challenge by regulatory and other authorities or private whistleblowers could be expensive and time-consuming, could result in loss of business, exposure to adverse publicity and injury to our reputation and could adversely affect our ability to retain and attract customers. Laws, regulations and other requirements impacting our operations include the following:
HIPAA. If we are unable to properly protect the privacy and security of protected health information entrusted to us, we could be found to have breached our contracts with our customers and be subject to investigation by the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”). In the event OCR finds that we have failed to comply with applicable HIPAA privacy and security standards, we could face civil and criminal penalties. In addition, OCR performs compliance audits of Covered Entities and Business Associates in order to proactively enforce the HIPAA privacy and security standards. OCR has become an increasingly active regulator and has signaled its intention to continue this trend. OCR has the discretion to impose penalties without being required to attempt to resolve violations through informal means; further OCR may require companies to enter into resolution agreements and corrective action plans which impose ongoing compliance requirements. OCR enforcement activity can result in financial liability and reputational harm, and responses to such enforcement activity can consume significant internal resources. In addition to enforcement by OCR, state attorneys general are authorized to bring civil actions under either HIPAA or relevant state laws seeking either injunctions or damages in response to violations that threaten the privacy of state residents. Although we have implemented and maintained policies, processes and a compliance program infrastructure (e.g., a Privacy Office) to assist us in complying with these laws and regulations and our contractual obligations, we cannot provide assurance regarding how these laws and regulations will be interpreted, enforced or applied to our operations. In addition to the risks associated with enforcement activities and potential contractual liabilities, our ongoing efforts to comply with evolving laws and regulations at the federal and state levels also might require us to make costly system purchases and/or modifications or otherwise divert significant resources to HIPAA
compliance initiatives from time to time.
HIPAA and its implementing regulations mandate format and data content standards and provider identifier standards (known as the National Provider Identifier) that must be used in certain electronic transactions, such as claims, payment advice and eligibility inquiries. HHS has established standards that health plans must use for electronic fund transfers with providers, has established operating rules for certain transactions, and is in the process of establishing operating rules to promote uniformity in the implementation of the remaining types of covered transactions. The ACA also requires HHS to establish standards for health claims attachment transactions. HHS has modified the standards for electronic healthcare transactions (e.g., eligibility, claims submission and payment and electronic remittance) from Version 4010/4010A to Version 5010. Further, as of 2015, HHS requires the use of updated standard code sets for diagnoses and procedures known as the ICD-10 code sets. Enforcement of compliance with these standards falls under HHS and is carried out by CMS.
In the event new requirements are imposed, we will be required to modify our systems and processes to accommodate these changes. We seek to modify our systems and processes as needed to prepare for and implement changes to the transaction standards, code sets operating rules and identifier requirements; however, we may not be successful in responding to these changes, and any responsive changes we make to our systems and processes may result in errors or otherwise negatively impact our service levels. In addition, the compliance dates for new or modified transaction standards, operating rules and identifiers may overlap, which may further burden our resources.
We also may experience complications related to supporting customers that are not fully compliant with the revised requirements as of the applicable compliance or enforcement date. Some payers and healthcare clearinghouses may interpret HIPAA transaction requirements differently than we do or may require us to use legacy formats or include legacy identifiers as they transition to full compliance with the revised requirements. For example, we continue to process transactions using legacy identifiers for non-Medicare claims that are sent to us to the extent that the intended recipients have not instructed us to suppress those legacy identifiers. Where payers or healthcare clearinghouses require conformity with their interpretations or require us to accommodate legacy transactions or identifiers as a condition of successful transactions, we seek to comply with their requirements. We continue to work with payers, providers, practice management system vendors and other healthcare industry constituents to implement the transaction standards and identifier standards. However, we cannot provide assurances regarding how CMS will enforce the transaction and identifier standards or how CMS will view our practice of accommodating requests to process transactions that include legacy formats or identifiers for non-Medicare claims. It is possible that we, or our customers, could be subject to enforcement actions as a result of these accommodations. Any regulatory change, clarification or enforcement action by CMS that prohibits the processing by healthcare clearinghouses or private payers of transactions containing legacy formats or identifiers could have a material adverse impact on our business, results of operations or financial condition.
Other Privacy and Security Requirements. There also are numerous U.S. federal, state and international privacy and security laws that govern the collection, dissemination, use, access, retention, protection, transfer and confidentiality of personal information. For example, GDPR, which became effective on May 25, 2018, is more stringent than laws and regulations governing personal information in the U.S. Certain of our solutions involve the transmission and storage of customer data in various jurisdictions, which subjects the operation of that service to privacy or data protection laws and regulations in those jurisdictions. While we believe our solutions comply with current regulatory and security requirements, there can be no assurance that such requirements will not change or that we will not otherwise be subject to legal or regulatory actions. GDPR also imposes strict rules on the transfer of personal data to countries outside the EEA, including the U.S. On July 16, 2020, the Court of Justice of the EU struck down a frequently used permitted personal data transfer mechanism between the EU and the U.S., leading to uncertainty about the legal basis for other transfers of personal data to the U.S. from the EU. We and many other companies may need to implement different or additional measures (such as the recently revised standard contractual clauses) to establish or maintain legitimate means for the transfer and receipt of personal data from the EEA and the U.K. to the U.S., and we may, in addition to other impacts, experience additional costs associated with increased compliance burdens, and we face the potential for regulators to apply different standards to the transfer of personal data from the EU and the U.K. to the U.S., and to block, or require ad hoc verification of measures taken with respect to, certain data flows from the EEA and the U.K. to the U.S.
Data protection legislation is also becoming increasingly common in the United States at both the federal and state level. For example, the State of California enacted the California Consumer Privacy Act of 2018 (the “CCPA”), which became effective on January 1, 2020. The CCPA requires companies that process information of California residents to make disclosures to consumers about their data collection, use and sharing practices, allows consumers to opt out of certain data sharing with third parties and provides a new cause of action for data breaches. Additionally, effective starting January 1, 2023, the California Privacy Rights Act (the “CPRA”) will revise and significantly expand the scope of the CCPA. The CPRA also creates a new California data protection agency authorized to implement and enforce the CCPA and the CPRA, which could result in increased privacy and information security enforcement. Other U.S. states have considered and/or enacted similar privacy laws, including Virginia, Colorado and Utah, which passed new consumer privacy laws in 2021 and 2022 that take effect in 2023.
These laws and regulations are rapidly evolving and changing, and could have an adverse impact on our operations. These
laws and regulations are subject to uncertainty in how they may be interpreted and enforced by government authorities and regulators. The costs of compliance with, and the other burdens imposed by, these and other laws or regulatory actions may increase our operational costs, prevent us from providing our solutions, and/or impact our ability to invest in or jointly develop our solutions. We also may face audits or investigations by one or more domestic or foreign government agencies relating to our compliance with these laws and regulations. An adverse outcome under any such investigation or audit could result in fines, penalties, other liability, or could result in adverse publicity or a loss of reputation, and adversely affect our business. Any failure or perceived failure by us or by our solutions to comply with these laws and regulations may subject us to legal or regulatory actions, damage our reputation or adversely affect our ability to provide our solutions in the jurisdiction that has enacted the applicable law or regulation. Moreover, if these laws and regulations change, or are interpreted and applied in a manner that is inconsistent with our policies and processes or the operation of our solutions, we may need to expend resources in order to change our business operations, policies and processes or the manner in which we provide our solutions. This could adversely affect our business, financial condition and results of operations.
Anti-Kickback and Anti-Referral Laws. A number of federal and state laws govern patient referrals, financial relationships with physicians and other referral sources and inducements to providers and patients, including restrictions contained in amendments to the Social Security Act, commonly known as the AKS. The AKS contains a limited number of exceptions, and the OIG of HHS has created regulatory safe harbors to the AKS. Activities that comply with a safe harbor are deemed protected from prosecution under the AKS. Our contracts and other arrangements may not meet an exception or a safe harbor. Additionally, many states have similar anti-kickback laws that are not necessarily limited to items or services for which payment is made by a federal healthcare program. In addition, federal laws restricting certain physician self-referrals (also known as “Stark Law”), as well as state counterparts, may prohibit payment for patient referrals, patient brokering, remuneration of patients, or billing based on referrals between individuals or entities that have various financial, ownership, or other business relationships with physicians or other healthcare providers. To the extent we undertake billing and coding for designated health services, such activities may result in allegations that we have processed or forwarded improper claims.
The laws and regulations in this area are both broad and vague and judicial interpretation can be inconsistent. We review our practices with regulatory experts in an effort to comply with all applicable laws and regulatory requirements. However, we are unable to predict how laws and regulations will be interpreted or the full extent of their application, particularly to services that are not directly billed to or reimbursed by federal healthcare programs, such as transaction processing services. Any determination by a federal or state regulatory authority that any of our activities or those of our customers or vendors violate any of these laws or regulations could: (i) subject us to civil or criminal penalties, (ii) require us to enter into corporate integrity agreements or similar agreements with government regulators to meet ongoing compliance obligations, (iii) require us to change or terminate some portions of our business, (iv) require us to refund a portion of our service fees, and/or (v) disqualify us from providing services to customers that are, or do business with, government programs. These activities could result in a material adverse impact on our business, results of operations or financial condition. Even an unsuccessful challenge of our activities could result in adverse publicity and could require a costly response.
False or Fraudulent Claim Laws; Medical Billing and Coding. Medical billing, coding and collection activities are governed by numerous federal and state civil and criminal laws, regulations and sub-regulatory guidance. We may be subject to, or contractually required to comply with, numerous federal and state laws that prohibit false or fraudulent claims including but not limited to the FCA, the CMP and state equivalents. For example, errors or the unintended consequences of data manipulations by us or our systems with respect to the entry, formatting, preparation or transmission of claims, coding, audit, eligibility and other information, may result in allegations of false or fraudulent claims. False or fraudulent claims under the FCA and other laws include, but are not limited to, billing for services not rendered, making or causing to be made or used a false record or statement that is material to a false claim, failing to refund known overpayments, misrepresenting actual services rendered, improper coding and billing for medically unnecessary items or services. Some of these laws, including CMP, require a lower burden of proof than other fraud, waste and abuse laws. Federal and state authorities increasingly assert liability under CMP, especially where they believe they cannot meet the higher burden of proof requirements under the various criminal healthcare fraud provisions. Current penalties under CMP are significant, up to $100,000 per prohibited kickback and assessments of up to three times the amount claimed or received. Further, violations of the FCA are punishable by treble damages and penalties of up to $23,607 per false claim, and whistleblowers may receive a share of amounts recovered. Civil monetary penalties, including those imposed under the AKS and the FCA, are updated annually based on changes to the consumer price index.
In addition, the FCA prohibits the knowing submission of false claims or statements to the federal government, including to Medicare and Medicaid programs. The FCA also contains whistleblower provisions which allow private individuals to sue on behalf of the federal government alleging that the defendant has defrauded the federal government. Although simple negligence will not give rise to liability under the FCA, “knowingly” is defined broadly by the FCA and submitting a claim with reckless disregard to its truth or falsity can constitute “knowingly” submitting a false claim and may result in liability. Several states, including states in which we operate, have adopted their own false claims provisions and their own whistleblower provisions whereby a private individual may file a civil lawsuit in state court. Civil penalties also may be imposed for the failure to report and return an overpayment made by the federal government within 60 days of identifying the overpayment and also may result in liability under the FCA. The FCA provides
that submission of a claim for an item or service generated in violation of the AKS constitutes a false or fraudulent claim under the FCA. Whistleblowers and federal authorities have taken the position, and some courts have held, that providers who allegedly violated other statutes, such as Stark Law, have thereby submitted false claims under the FCA. Although we believe our processes are consistent with applicable reimbursement rules and industry practice, a court, government authority or whistleblower could challenge these processes. In addition, we cannot guarantee that federal and state authorities will regard any billing and coding errors we process or make as inadvertent or will not hold us responsible for any compliance issues related to claims, reports and other information we handle on behalf of providers and payers. We cannot predict the impact of any enforcement actions under the various false claims and fraud, waste and abuse laws applicable to our operations. Even an unsuccessful challenge of our practices could cause us to incur adverse publicity and significant legal and related costs.
Exclusion from participation in government healthcare programs. We are also subject to the exclusion rules of the OIG whereby OIG may or must exclude individuals and entities convicted of program-related crimes from participation in the Medicare and Medicaid programs. While we regularly screen for excluded individuals as part of our initial hiring and continued employment as well as excluded individuals and entities as part of our contractor practices, we may not always identify all excluded individuals and entities. If we were found to have employed or contracted with an excluded individual or entity, we could face significant consequences such as exclusion from participation in federal healthcare programs, CMPs, and treble damages. We could also have liability to individual customers pursuant to those customer contracts.
FDA and International Regulation of Medical Software. Certain of our products are classified as medical devices and are subject to regulation by the FDA and numerous other federal, state and foreign governmental authorities. If the FDA chooses to regulate more of our solutions as medical devices, or subsequently changes or reverses its guidance regarding not enforcing certain regulatory controls, we may be obligated to comply with extensive requirements. Any additional FDA regulations governing healthcare software products may increase the cost and time-to-market of new or existing solutions or may prevent us from marketing our solutions. If we fail to maintain or obtain regulatory approvals and clearances, or experience significant delays in obtaining, FDA clearances or approvals for our future products or product enhancements, our ability to commercially distribute and market these products could suffer. Modifications to our medical device products may require new regulatory approvals or clearances, or require us to recall or cease marketing the modified devices until these clearances or approvals are obtained. Once a device is on the market, we must comply with numerous additional regulations which may require us to file adverse event reports and recalls as well as manufacture the software in accordance with a quality management system. Compliance with applicable regulatory requirements is subject to continual review and is monitored through periodic inspections by the FDA. In addition, we must comply with requirements and restrictions related to advertising, marketing and promotion of FDA-approved medical devices, as well as more stringent requirements applicable to medical devices that are pending FDA approval. If we fail to comply with regulatory requirements in the U.S. or experience delays in obtaining necessary regulatory approvals or clearances, this could delay production of our medical device products and lead to fines, difficulties in obtaining regulatory approvals or clearances, recalls, enforcement actions, including injunctive relief or consent decrees, or other consequences, which could, in turn, have an adverse effect on our financial condition or results of operations.
Foreign governmental authorities that regulate the manufacture and sale of medical devices have become increasingly stringent and, where we sell our medical device solutions internationally, we are subject to international regulation regarding these medical device solutions. These international regulations could cause us to incur increased costs as they impose increased compliance obligations.
Interoperability Requirements. There is increasing demand among customers, patients, industry groups and government authorities that healthcare IT products provided by various vendors be compatible with each other and allow for the efficient exchange of electronic information. Standards regarding electronic exchange of information and interoperability are subject to regular revision and updates, and we need to modify and enhance products and services accordingly. In March 2020, the ONC and CMS released final regulations concerning interoperability and information blocking. The final ONC rules address, among other things, the kinds of industry behaviors that do and do not constitute information blocking under the Cures Act and includes new criteria involving exporting electronic health information and standardized APIs for patient services. Health IT developers, exchanges, or networks that do engage in such information blocking by knowingly adopting practices that are likely to interfere with, prevent, or materially discourage the access, exchange, or use of electronic health information, may be subject to civil monetary penalties of up to $1 million per violation. The final CMS rule, among other things, effectively mandates interoperability as a condition for participating in Medicare. These new rules are not currently applicable to us, but they may be modified to become applicable to us later. Also, customers may insist that we develop solutions that would subject us to the information blocking rules, and we would incur costs in developing those solutions and becoming compliant with the information blocking rules. We may also be required to have certain solutions certified by the ONC, which could further increase development costs and delay customer sales and implementations. We also may incur costs in periods prior to the corresponding recognition of revenue. To the extent current regulations are subsequently changed or supplemented, customers may postpone or cancel their decisions to purchase or implement such solutions.
Restrictions on Communications. Communications with our customers and our customers’ patients increasingly are scrutinized under laws and regulations governing communications. For example, the Telephone Consumer Protection Act (“TCPA”)
subjects us and our vendors to various rules regarding contacting our customers and our customers’ patients via telephone, fax or text message and may impact our operations. In the last few years, there has been a significant increase in class action lawsuits brought under the TCPA. This increase has been driven, in part, by more expansive interpretations of the activity subject to regulation under the TCPA by some courts and by the Federal Communications Commission (“FCC”), as well as by the significant statutory damages that are potentially available to successful plaintiffs. Because our solutions need and rely upon various messaging components to achieve successful outcomes for us and our customers, our ability to communicate with our customers and their patients may be affected by the TCPA, its implementing regulations and litigation pursuant to the TCPA. In addition, because of the scope and interpretation of the TCPA is continuing to evolve and develop, we inadvertently could fail to comply or be alleged to have failed to comply with the TCPA, and consequently be subject to significant statutory damages and negative publicity associated with class action litigation and/or costs associated with modifying our solutions and business strategies. Furthering the compliance challenges posed by the TCPA is the fact that the FCC and various courts, including the Supreme Court, continue to review dozens of petitions from parties in various industries that seek interpretation of the TCPA’s various regulations. To the extent the FCC issues an order, or the Supreme Court renders an opinion, that alters current understanding and accepted interpretation of the TCPA’s regulations, we may be required to modify our solutions in ways that may make them less attractive to our customers and/or require us to alter our business strategies and incur increased costs. In addition, we also may be subject to claims alleging failure to comply with email and marketing regulations under the CAN-SPAM Act, and additional fax regulations under the Junk Fax Act and data privacy rules under the CCPA, as well as potentially under non-U.S. laws that regulate communications and messaging and that affect our operations, such as CASL, GDPR, and the EU’s e-Privacy Directive and implementing member state laws (and any subsequent changes to such laws). As laws and regulations, including FTC enforcement, rapidly evolve to govern the use of these platforms and devices, the failure by us, our employees or third parties acting at our direction to abide by applicable laws and regulations in the use of these platforms and devices could adversely impact our business, financial condition and results of operations or subject us to fines or other penalties.
Financial Services Related Laws, Regulations and Industry Standards. Financial services and electronic payment processing services are subject to numerous laws, regulations and industry standards. These laws may subject us, our vendors and our customers to liability as a result of our communication and payment solutions. If we fail to comply with any applicable communication and payment rules or requirements, we may be subject to fines and changes in transaction fees and may lose our ability to process payment transactions or facilitate other types of billing and payment solutions. Moreover, in addition to regulatory requirements related to electronic funds transfers, payment transactions processed using the Automated Clearing House Network are subject to network operating rules promulgated by the National Automated Clearing House Association, and these rules may affect our payment practices. Certain payment transactions may be subject to card association and network rules and standards. Failure to comply with such rules or standards could subject us to fines or penalties imposed by such card associations and networks. If any changes in such rules or standards increase the cost of doing business or limit our ability to provide our solutions, our business, results of operations or financial condition could suffer. Further, our communication and payment solutions may impact the ability of our payer customers to comply with state prompt payment laws. These laws require payers to pay healthcare claims meeting the statutory or regulatory definition of a “clean claim” within a specified time frame. Finally, as we expand our financial services offerings we may be subject to additional laws and regulations, including certain consumer protection laws such as the Fair Debt Collections Practices Act, the Fair Credit Reporting Act and various other state laws implicated by such financial services.
Foreign Corrupt Practices Act and Bribery Laws. With our international businesses, we could incur significant fines and penalties, as well as criminal liability, if we fail to comply with either the anti-bribery or accounting requirements of the FCPA, or similar international bribery laws. Even an unsuccessful challenge of our compliance with these laws could cause us to incur adverse publicity and significant legal and related costs.
Physician Payments Sunshine Act. As a medical device manufacturer, we must report to CMS payments or “transfers of value” made to certain healthcare providers and treating hospitals, including meals, travel reimbursement, consulting fees and research payments. The Sunshine Act authorizes significant civil monetary penalties for each payment or transfer of value not accurately or completely reported. Although we have processes in place to track and timely report such financial relationships, we inadvertently may fail to track and report all such financial relationships and thus may be subject to penalties for such non-compliance. Various states have passed transparency and gift ban laws that require reporting or somehow limit the context in which transfers of value may be made by medical device manufacturers to various healthcare professionals. Violations of these state transparency or gift ban statutes may subject us to fines for each occurrence.
U.S. Postal Service Laws and Regulations. Our communication and payment solutions provide mailing services primarily delivered by the U.S. Postal Service (“USPS” or the “Postal Service”). Postage is the most significant cost incurred in the delivery of our communication and payment solutions. Although we generally pass increases in postage costs through to our customers, in some circumstances we may be unable to do so, or the resulting increases in our charges could cause our customers to reduce the volume of our services they purchase. While we cannot predict the magnitude of these effects, they could have a material effect on our business, results of operations or financial condition.
The Postal Service could increase the rates of postage that we must pay. Most of the mail that we send uses market-dominant
mail products, whose postal rates are subject to maximum rate regulation. Current regulatory rules generally limit the average rate increase for each class of market-dominant mail to the rate of increase of the Consumer Price Index (“CPI”). The Postal Service, however, has argued for eliminating or loosening this restriction, and the Postal Regulatory Commission is now considering proposed rule changes that would have this effect. It is also possible that Congress could eliminate or loosen the restriction on postal rate increases through legislation, particularly if the Postal Service continues to report financial losses. Even under current regulatory standards, the Postal Service has broad flexibility to raise rates on individual rate categories within a class of mail faster than the CPI, as long as the average rates for the affected mail class as a whole do not increase the CPI-based rate cap.
Most of the postal rates we pay reflect significant discounts from the basic USPS postage rate structure. These discounts could be changed or discontinued at any time on short notice. The Postal Service also could require more costly or difficult mail preparation (e.g., presorting, barcoding, bundling or destination entry) requirements as a condition for continuing to use the discounted rates. More onerous preparation requirements could force us to incur additional mail preparation costs or pay higher rates of postage. Further, it is possible that the Postal Service, the Postal Inspection Service, or other law enforcement officials could allege that we did not prepare past mailings as required to qualify for the discounted rates at which the mailings were mailed, and that we now owe additional postage. If the government concludes that the noncompliance was intentional or reckless, the government could seek to recover treble damages and civil penalties of up to $23,607 per false claim (adjusted annually to reflect changes in the CPI). If the volume of mail subject to these allegations is large enough, the recovery sought could have a material effect on our business, results of operations or financial condition.
Payment Card Industry Standards. We accept credit card, eCheck, Automated Clearing House (“ACH”) Payments, and payments via online portal, phone/Interactive Voice Response system or by mail. Compliance with contractual obligations and evolving privacy and security laws, requirements and regulations may result in cost increases due to necessary systems changes, new limitations or constraints on our business and the development of new administrative processes. If we fail to adequately control fraudulent ACH, credit card and debit card transactions, we may face civil liability, diminished public perception of our security measures and significantly higher ACH, credit card and debit card related costs, each of which could adversely affect our business, financial condition and results of operations. The termination of our ability to process payments through ACH transactions or on any major credit or debit card would adversely affect our ability to operate our business.
Other State Healthcare Laws. Most states have a variety of laws that potentially impact our operations and business practices. If our arrangements with physicians or other practitioners were found to violate a corporate practice of medicine, nursing and other licensed professions prohibition or fee-splitting prohibition, we may be subject to civil or criminal penalties, be required to terminate or make changes to our contractual arrangements with practitioners or to our business, or be required to remit portions of our services fees to practitioners, which, in turn, may adversely affect both our operations and profitability. Further, we could face sanctions for aiding and abetting the violation of the state’s professional licensure statutes. In addition, we hold certain state licenses and enrollments in government healthcare programs which subject us to additional requirements and scrutiny by government regulators. Failure to comply with requirements and obligations imposed by such licensure and enrollments may result in civil and criminal penalties and may adversely affect our business. We continually monitor legislative, regulatory and judicial developments related to licensure and engagement arrangements with professionals; however, new agency interpretations, federal or state legislation or regulations, or judicial decisions could require us to change how we operate, may increase our costs of services and could have a material adverse impact on our business, results of operations or financial condition.
We may be a party to legal, regulatory and other proceedings that could result in unexpected adverse outcomes.
From time to time, we have been, are and may in the future be, a party to legal and regulatory proceedings and investigations, including matters involving governmental agencies and entities with which we do business and other proceedings and investigations arising in the ordinary course of business, as described in more detail above. In addition, there are an increasing number of, and we may be subject to, investigations and proceedings in the healthcare industry generally that seek recovery under HIPAA, AKS, the FCA, the CMP, the Stark Law, the Sunshine Act, state laws and other statutes and regulations applicable to our business as described in more detail above. These and other similar statutory requirements impose statutory penalties for proven violations, which could be significant. We also may be subject to legal proceedings under non-healthcare federal, state and international laws affecting our business, such as the TCPA, the Fair Debt Collections Practices Act, the Fair Credit Reporting Act, CAN-SPAM Act, Junk Fax Act, FCPA, the CCPA, GDPR, employment, banking and financial services and USPS laws and regulations, as further detailed above. Such proceedings are inherently unpredictable, and the outcome can result in verdicts and/or injunctive relief that may affect how we operate our business or we may enter into settlements of claims for monetary payments. In some cases, substantial non-economic remedies or punitive damages may be sought. Governmental investigations, audits and other reviews could also result in criminal penalties or other sanctions, including restrictions, changes in the way we conduct business or exclusion from participation in government programs. We evaluate our exposure to these legal and regulatory proceedings and establish reserves for the estimated liabilities in accordance with accounting principles generally accepted in the United States of America (“GAAP”). Assessing and predicting the outcome of these matters involves substantial uncertainties. Unexpected outcomes in these legal proceedings, or changes in management’s evaluations or predictions and accompanying changes in established reserves, could have a material adverse impact on our business, results of operations or financial condition.
Litigation is costly, time-consuming and disruptive to normal business operations. The defense of these matters could also result in continued diversion of our management’s time and attention away from business operations, which could also harm our business. Even if these matters are resolved in our favor, the uncertainty and expense associated with unresolved legal proceedings could harm our business and reputation.
We may be subject to claims that our employees, consultants or independent contractors have wrongfully used or disclosed confidential information of third parties.
We have received confidential and proprietary information from third parties. In addition, we may employ individuals who were previously employed at other healthcare companies. We may be subject to claims that us or our employees, consultants or independent contractors have inadvertently or otherwise improperly used or disclosed confidential information of these third parties or our employees’ former employers. Further, we may be subject to ownership disputes in the future arising, for example, from conflicting obligations of consultants or others who are involved in developing our solutions. We may also be subject to claims that former employees, consultants, independent contractors or other third parties have an ownership interest in our patents or other intellectual property. Litigation may be necessary to defend against these and other claims challenging our right to and use of confidential and proprietary information. In addition to paying monetary damages, if we fail in defending against any such claims we may lose our rights therein, which could have a material adverse effect on our business. Even if we are successful in defending against these claims, litigation could result in substantial cost and be a distraction to our management and employees.
Risks Related to Mergers, Acquisitions and Divestitures
Our business will suffer if we fail to successfully integrate acquired businesses and technologies or to appropriately assess the risks in particular transactions.
We have historically acquired, and, consistent with the UHG Agreement, in the future may acquire, businesses, technologies, services, product lines and other assets. The successful integration of any businesses and assets we have acquired or may acquire can be critical to our future performance. The amount and timing of the expected benefits of any acquisition, including potential synergies, are subject to risks and uncertainties. These risks and uncertainties include, but are not limited to, those relating to:
•our ability to maintain relationships with the customers and suppliers of the acquired business;
•our ability to cross-sell solutions to customers with which we have established relationships and those with which the acquired businesses have established relationships;
•our ability to retain or replace key personnel of the acquired business;
•potential conflicts in payer, provider, vendor or marketing relationships;
•our ability to coordinate organizations that are geographically diverse and may have different business cultures;
•the diversion of management’s attention to the integration of the operations of businesses or other assets we have acquired;
•the continued coordination and cooperation with sellers pursuant to transition services agreements;
•difficulties in the integration or migration of IT systems, including secure data sharing across networks securely and maintaining the security of the IT systems; and
•compliance with regulatory, contracting and other requirements, including internal control over contracting and financial reporting.
We cannot guarantee that any acquired businesses, technologies, services, product lines or other assets will be successfully integrated with our operations in a timely or cost-effective manner, or at all. Failure to successfully integrate acquired businesses or to achieve anticipated operating synergies, revenue enhancements or cost savings could have a material adverse impact on our business, results of operations or financial condition.
Although we attempt to evaluate the risks inherent in each transaction and evaluate acquisition candidates appropriately, we may not properly ascertain all risks and the acquired businesses or other assets may not perform as expected or enhance our value as a whole. Acquired businesses also may have larger than expected liabilities that are not covered by the indemnification, if any, that we are able to obtain from the sellers. Furthermore, the historical financial statements of companies are prepared by seller management and are not independently verified by our management. In addition, pro forma financial statements prepared by us to give effect to such acquisitions may not accurately reflect the results of operations that would have been achieved had the acquisition of such entities been completed at the beginning of the applicable periods. There are also no assurances that we will continue to acquire businesses at valuations consistent with prior acquisitions or that we will complete acquisitions at all. If we are unable to successfully complete and integrate strategic acquisitions in a timely manner, our business and growth strategies could be negatively affected.
We may not realize the anticipated benefits of divestitures.
We have, and consistent with the UHG Agreement, in the future, may divest assets or businesses. We may encounter difficulty in finding or completing divestiture opportunities or alternative exit strategies on acceptable terms or in a timely manner. These circumstances could delay the achievement of our strategic objectives or cause us to incur additional expenses with respect to assets or a business that we want to dispose of, or we may dispose of assets or a business at a price or on terms that are less favorable
than anticipated. Additionally, such dispositions could result in disruption to other parts of our business, potential loss of employees or customers, exposure to unanticipated liabilities or result in ongoing obligations and liabilities to us following a divestiture. For example, in connection with a disposition, we may be contractually obligated to continue obligations to customers, vendors, or other third parties, and we may have continuing indemnities and obligations for pre-existing liabilities related to the assets or businesses. Such obligations could have a material adverse impact on our business, results of operations or financial condition.
Financial Risks and Risks Related to Taxation and Accounting
Substantial indebtedness could adversely affect our financial condition, our ability to operate our business, our ability to react to changes in the economy or our industry, our ability to meet obligations under our outstanding indebtedness and could divert our cash flow from operations for debt payments.
We have a substantial amount of debt, which requires significant interest and principal payments. As of March 31, 2022, our total indebtedness was approximately $4,590.1 million. In addition, we had $779.5 million of availability under the senior secured revolving credit facility (the “Revolving Facility”). Pursuant to the UHG Agreement, our indebtedness may be extinguished in connection with the consummation of the UHG Transaction. Subject to certain restrictions on our ability to incur additional indebtedness contained in the UHG Agreement, the limits contained in the credit agreement that governs our Revolving Facility and our senior secured term loan facility (“Term Loan Facility”, together with the Revolving Facility, the “Senior Credit Facilities”) and the indenture that governs our senior notes (“Senior Notes”), we may be able to incur additional debt from time to time to finance working capital, capital expenditures, investments or acquisitions, or for other purposes. If we do so, the risks related to the level of debt could increase and have important consequences, including the following:
•it may be difficult to satisfy our obligations, including debt service requirements under outstanding debt;
•our ability to obtain additional financing for working capital, capital expenditures, debt service requirements, acquisitions or other general corporate purposes may be impaired;
•a substantial portion of cash flow from operations are required to be dedicated to the payment of principal and interest on indebtedness, therefore reducing our ability to use our cash flow to fund our operations, capital expenditures, future business opportunities and other purposes;
•we could be more vulnerable to economic downturns and adverse industry conditions and our flexibility to plan for, or react to, changes in our business or industry are more limited;
•our ability to capitalize on business opportunities and to react to competitive pressures, may be compromised due to our level of debt and the restrictive covenants in the credit agreement that governs the Senior Credit Facilities and the indenture that governs the Senior Notes;
•our ability to borrow additional funds or to refinance debt may be limited; and
•such indebtedness may cause potential or existing customers to not contract with us due to concerns over our ability to meet our financial obligations under such contracts.
Our ability to make scheduled payments and refinance our indebtedness depends on our financial and operating performance, which in turn is affected by general and regional economic, financial, competitive, business and other factors and reimbursement actions of governmental and commercial payers, all of which are beyond our control. We cannot guarantee that our business will generate sufficient cash flow from operations or that future borrowings will be available. Any refinancing or restructuring of indebtedness could be at higher interest rates and may require us to comply with more onerous covenants that could further restrict our business operations. Moreover, in the event of a default, the holders of such indebtedness could elect to declare such indebtedness be due and payable and/or elect to exercise other rights, such as the lenders under the Revolving Facility terminating their commitments thereunder and ceasing to make further loans or the lenders under the Senior Credit Facilities instituting foreclosure proceedings against their collateral, any of which could materially adversely affect our results of operations and financial condition.
Furthermore, all of the debt under the Senior Credit Facilities bears interest at variable rates. If interest rates increase, our debt service obligations on our Senior Credit Facilities would increase and our net income and cash flows, including cash available for servicing our indebtedness, would correspondingly decrease.
Our debt agreements impose significant operating and financial restrictions, which may prevent us from capitalizing on business opportunities.
The credit agreement that governs our Senior Credit Facilities and the indenture that governs our Senior Notes each impose significant operating and financial restrictions which limit our ability to, among other things:
•incur or guarantee additional debt or issue disqualified stock or preferred stock;
•pay dividends and make other distributions on, or redeem or repurchase, capital stock;
•make certain investments;
•incur certain liens;
•enter into transactions with affiliates;
•merge or consolidate;
•enter into agreements that restrict the ability to make dividends or other payments;
•designate restricted subsidiaries as unrestricted subsidiaries; and
•transfer or sell assets.
As a result of these restrictions, along with the restrictions in the UHG Agreement, we may be limited as to how we conduct our business and we may be unable to raise additional financing to compete effectively or take advantage of new business opportunities. The terms of any future indebtedness could include more restrictive covenants. We cannot guarantee that we will be able to maintain compliance with these covenants in the future and, if they fail to do so, that they will be able to obtain waivers from the lenders and/or amend the covenants. Failure to comply with the restrictive covenants described above as well as the terms of any future indebtedness could result in an event of default, which, if not cured or waived, could result in it being required to repay these borrowings before their due date. If we are forced to refinance these borrowings on less favorable terms or cannot refinance these borrowings, our results of operations and financial condition could be adversely affected.
Changes in the method for determining LIBOR or the elimination of LIBOR could affect our results of operations or financial condition.
On March 5, 2021, the Financial Conduct Authority of the U.K., which regulates LIBOR, announced (the “FCA Announcement”) that all LIBOR tenors will cease to be published or will no longer be representative after June 30, 2023. The FCA Announcement coincides with the March 5, 2021 announcement of LIBOR’s administrator, the ICE Benchmark Administration Limited (the “IBA”), indicating that, as a result of not having access to input data necessary to calculate LIBOR tenors on a representative basis after June 30, 2023, the IBA would have to cease publication of such LIBOR tenors immediately after the last publication on June 30, 2023. The United States Federal Reserve has also advised banks to cease entering into new contracts that use USD LIBOR as a reference rate. The Federal Reserve, in conjunction with the Alternative Reference Rate Committee, a committee convened by the Federal Reserve that includes major market participants, has identified the Secured Overnight Financing Rate (“SOFR”), a new index calculated by short-term repurchase agreements, backed by Treasury securities, as its preferred alternative rate for LIBOR. There are significant differences between LIBOR and SOFR, such as LIBOR being an unsecured lending rate while SOFR is a secured lending rate, and SOFR is an overnight rate while LIBOR reflects term rates at different maturities. Although SOFR is the ARRC’s recommended replacement rate, it is also possible that lenders may instead choose alternative replacement rates that may differ from LIBOR in ways similar to SOFR or in other ways that would result in higher interest costs for us. We have material contracts that are indexed to USD-LIBOR and are monitoring this activity and evaluating the related risks.
U.S. federal tax reform could adversely affect our results of operations.
On December 22, 2017, the Tax Cuts and Jobs Act of 2017 was signed into law, which made significant changes to the Code. Among other changes, Section 163(j) of the Code was amended to limit the deductibility of net interest expense paid or accrued on debt properly allocable to a trade or business to 30% of “adjusted taxable income,” subject to certain exceptions. Any deduction in excess of the limitation is carried forward and may be used in a subsequent year, subject to the 30% limitation. Under the Coronavirus Aid, Relief, and Economic Security Act, the 30% limitation was temporarily increased to 50% for taxable years ended March 31, 2020 and March 31, 2021. Adjusted taxable income is determined without regard to certain deductions, including those for net interest expense, net operating loss carryforwards and, for taxable years beginning before January 1, 2022, depreciation, amortization and depletion. While the impact of this rule is not completely clear and could change due to the issuance of additional interpretive guidance or changes in our level of indebtedness, we expect these rules will limit the amount of net interest expense that we and our subsidiaries can use as a deduction against taxable income and, as a result, may negatively impact our financial condition and results of operations.
The amounts we will be required to pay under tax receivable agreements (“TRAs”) could be significant and, in certain circumstances, could differ significantly from the underlying tax benefits realized.
We were originally formed to hold an equity investment in Change Healthcare LLC (the “Joint Venture”), a joint venture between the Company and McKesson Corporation (“McKesson”).We are currently subject to certain TRAs with current and former owners; however, pursuant to the UHG Agreement, we expect each TRA will be terminated in connection with the consummation of the UHG Transaction. One of the existing tax receivable agreements (the “McKesson Tax Receivable Agreement”) generally provides for the payment to affiliates of McKesson (the “McKesson TRA Parties”) of 85% of certain cash tax savings realized or expected to be realized as a result of (i) certain amortization from tax basis in assets transferred to the Joint Venture when the Joint Venture was created and (ii) imputed interest deductions and certain other tax attributes arising from payments under the McKesson Tax Receivable Agreement. We, the Joint Venture, McKesson and certain of McKesson’s affiliates have also entered into an amended and restated letter agreement (the “Letter Agreement”) pursuant to which McKesson may choose to allocate an amount of deductions related to certain amortizable tax basis in assets transferred to the Joint Venture at the consummation of the Joint Venture Transactions to us in excess of a specified minimum threshold, in which case we may be required to make cash payments to McKesson equal to 100% of our tax savings attributable to such excess deductions for any tax period ending prior to the date on which McKesson ceases
to own at least 20% of the Joint Venture. Because McKesson ceased to own at least 20% of the Joint Venture during the year ended March 31, 2020, the Letter Agreement applies only to tax benefits obtained in the periods ended March 31, 2019 and earlier, of which we estimate there are none.
Another existing tax receivable agreement (the “2017 Tax Receivable Agreement”) generally requires payments to affiliates of the Sponsors and certain other former stockholders of Change Healthcare Performance, Inc. (the “2017 TRA Parties”) of 85% of the net cash tax savings realized or expected to be realized by Change Healthcare Performance, Inc. and our subsidiaries in respect of periods ending on or after the Joint Venture was created as a result of certain net operating losses and certain other tax attributes of Change Healthcare Performance, Inc. as of the date of the Joint Venture was created.
A predecessor to Change Healthcare Performance, Inc. is party to certain tax receivable agreements (the “2009—2011 Tax Receivable Agreements,” and together with the 2017 Tax Receivable Agreement, the “Legacy CHC Tax Receivable Agreements”) which were assumed by the Joint Venture in connection with the Joint Venture its creation. We are obligated to make payments to certain of the former Legacy CHC Stockholders (the “2009—2011 CHC TRA Parties,” and collectively, with the McKesson TRA Parties and the 2017 TRA Parties, the “TRA Parties”), equal to 85% of the applicable cash savings that the Joint Venture realizes or is expected to realize as a result of tax attributes arising from certain previous transactions. Because covered changes of control with respect to the 2009—2011 Tax Receivable Agreements occurred as a result of the creation of the Joint Venture and other previous reorganizations, payments the Joint Venture makes under the 2009—2011 Tax Receivable Agreements are calculated using certain valuation assumptions, including that the Joint Venture will have sufficient taxable income to use the applicable tax attributes and that certain of such tax attributes will be used by the Joint Venture on a pro rata basis from the date the Joint Venture was created (or in certain cases from the date of certain previous transactions) through the expiration of the applicable tax attribute.
The payments required under these tax receivable agreements could be substantial. The amount and timing of any payments will vary depending upon a number of factors, including the amount and timing of the taxable income we generate in the future and the tax rate then applicable. We expect that, assuming no material changes in tax law and that we earn sufficient taxable income to realize the full potential tax benefit of the tax attributes in respect of which we are required to make payments, future payments under the tax receivable agreements will range from $0.4 million to $84.5 million per year over the next 17 years. As of March 31, 2022, we expect total remaining payments under the tax receivable agreements of approximately $439.1 million. See Note 20, Tax Receivable Agreement Obligations, within Item 8 of this Form 10-K.
There may be circumstances in which the payments under the tax receivable agreements differ significantly (in both timing and amount) from the underlying tax benefits the TRA Affiliates actually realize. Pursuant to the tax receivable agreements, upon a covered change of control, the TRA Affiliates could be required to make payments that significantly exceed the actual cash tax savings from the tax benefits giving rise to such payments. As noted above, with respect to the 2009—2011 Tax Receivable Agreements, covered changes of control previously occurred as a result of the creation of the Joint Venture and other previous reorganizations. Moreover, in certain circumstances, the TRA Affiliates will have the option to terminate the tax receivable agreements in exchange for a lump-sum payment (based on an assumption that all expected potential tax benefits actually will be realized). In addition, under the tax receivable agreements, none of the TRA Parties will reimburse the TRA Affiliates for any payments previously made if such tax benefits are subsequently disallowed, except that excess payments made to a TRA Party will be netted against payments otherwise to be made, if any, after the determination of such excess. As a result, in such circumstances, the TRA Affiliates could make payments under the tax receivable agreements that are greater than the actual cash tax savings and may not be able to recoup those payments. Any difference between the payments made and the underlying tax benefits actually realized could adversely affect our business or financial condition. Furthermore, because certain of the TRA Affiliates are holding companies with no operations of their own, their ability to make payments under each relevant tax receivable agreement is substantially dependent on the ability of their subsidiaries to make distributions to them. To the extent that the TRA Affiliates are unable to make payments under the tax receivable agreements for any reason, such payments will be deferred and will accrue interest until paid.
A write-off or acceleration of amortization of all or a part of our long-lived assets (including identifiable intangible assets and goodwill) would adversely affect our operating results and reduce our net worth.
We have significant long-lived assets which include property and equipment, intangible assets, operating lease right-of-use assets, other noncurrent assets and goodwill. As of March 31, 2022, long lived assets collectively represented more than 87% of our total assets. We amortize property and equipment, identifiable intangible assets, operating lease right-of use assets and relevant other noncurrent assets over their estimated useful lives. Though we are not permitted to amortize goodwill, we evaluate goodwill for impairment at least annually. In the event of anticipated obsolescence or impairment of our long-lived assets, we may write-off all or part of the affected assets or accelerate the related amortization of these assets. Other risks and future developments that we are unable to anticipate as of the testing date may require us to further revise future projected cash flows, which could adversely affect the fair value of reporting units in future periods. A write-off or acceleration of amortization in the future would result in an immediate one-time charge to earnings in the event of an impairment of assets and, in the event of anticipated obsolescence of assets that do not reach the level of an impairment, regular reductions to earnings over the remaining lives of the affected assets. Although it would not affect our cash flow, a write-off or acceleration of amortization in future periods of all or a part of these long-lived assets would adversely
affect our financial condition and results of operations.
Risks Related to Ownership of Our Common Stock
If securities or industry analysts do not publish research or reports about our business, or if they downgrade their recommendations regarding our common stock, the price and trading volume of our common stock could decline.
The trading market for our common stock is influenced by the research and reports that industry or securities analysts publish about us or our business. If any of the analysts who cover us downgrade our common stock or publish inaccurate or unfavorable research about our business, the trading price of our common stock may decline. If analysts cease coverage of us or fail to regularly publish reports on us, we could lose visibility in the financial markets, which in turn could cause the trading price or trading volume of our common stock to decline and our common stock to be less liquid. In connection with the announcement of the UHG Transaction, several analysts have ceased coverage of us.
You may be diluted by the future issuance of additional shares of our common stock in connection with our incentive plans, acquisitions or otherwise.
As of March 31, 2022, we had approximately 8,686,900,000 shares of our common stock authorized but unissued. Our Amended and Restated Certificate of Incorporation authorizes us to issue authorized but unissued shares of our common stock and options, rights, warrants and appreciation rights relating to our common stock for the consideration and on the terms and conditions established by our board of directors in our sole discretion, whether in connection with acquisitions or otherwise. Sales of substantial amounts of our common stock in the public market, or the perception that these sales could occur, could cause the market price of our common stock to decline. In the future, we may issue additional shares of common stock or other equity or debt securities convertible into or exercisable or exchangeable for shares of our common stock in connection with a financing, acquisition, litigation settlement or pursuant to our equity compensation plans, including our 2019 Omnibus Incentive Plan, our legacy 2009 equity incentive plan or our Employee Stock Purchase Plan. Any