The new IT landscape for health insurers

By Madhu Pawar and Wayne E. Pietraszek

A volatile new health care environment is emerging in the United States. These are times of trouble—and opportunity—for the payers’ CIOs.

Periodically, a dramatic change in an industry enables CIOs to step up and play a decisive role in corporate affairs. We see such a seismic shift in the US health insurance industry, which faces the most sweeping changes in its half-century history. The ranks of the health care payers comprise more than 350 companies, with combined revenues of $500 billion and combined IT spending of $13 billion annually. These businesses range from statewide organizations, such as some of the Blue Cross and Blue Shield companies, to multistate companies, such as Aetna and Cigna.

Three mandates that will drive change

Three principal regulatory currents are producing the impending change: the recently passed federal health care reform bill, new health care IT mandates from last year’s US stimulus package, and ICD-10, a long-overdue expansion of coding standards for the exchange of health care data across payers and providers. Each of these forces will alter the way health care payers deliver services to patients and process the large flows of payments at the heart of the business. IT systems are central to both.

Across the industry, most of the payers’ IT functions are not fully prepared to assume the enormous challenges posed by the required changes. Payers face stark choices. They can make major investments to upgrade systems in order, to meet the new requirements, or consider new operating models based on strategic partnerships utilizing other companies’ IT capabilities. How payers choose to address these questions will determine not only the success of individual companies but also the shape of the entire industry as it faces disruptive regulatory change.

Health care reform

The Patient Protection and Affordable Care Act became law on March 23, 2010. Some of its provisions will be implemented within the first 12 months of enactment, and others will be phased in through 2014. The legislation anticipates 30 million new individuals will join insurance rolls, while an additional 100 million will be shifting policies. The law will usher in a fundamental change to the industry’s business model.

Today, payers mostly follow a business-to-business model: 90 percent of all private policies are paid for by employers that negotiate prices and terms of coverage. The recent legislation mandates new insurance exchanges, subsidies, and tax credits that will lead millions of consumers to contract directly with the health insurance payers. These companies will need to develop new consumer-marketing capabilities and consumer IT on a large scale—for instance, advanced Web capabilities, insurance exchange connectors, and customer-relationship-management (CRM) systems.

The new legislation also mandates dramatic changes to risk pooling and pricing. Going forward, all individuals will be able to purchase policies regardless of previous medical conditions, and the variability in pricing among policies has been severely restricted. All of a payer’s pricing- and risk-management systems will need to be redesigned. Successful payers will also have to provide products that appeal to previously uninsured healthy young adults, on the one hand, and to many more chronically ill individuals, on the other.

At present, many payers have little expertise in the market segmentation and targeted marketing they will need. Similarly, they have little experience matching pricing to risk in these broad new markets. Both requirements will call for new consumer-marketing and consumer IT capabilities similar to those that successful credit card companies use.

US stimulus funding

In 2009, the US Congress passed the American Recovery and Reinvestment Act (ARRA), which contains special provisions for health care IT. The goal, in the words of President Obama, was to “make sure that every doctor’s office and hospital in this country is using cutting-edge technology and electronic health records, so that we can cut red tape, prevent medical mistakes, and help save billions of dollars each year.”1

Starting in 2011, the ARRA will provide $37 billion to hospitals and physicians making “meaningful use” of electronic health records, with penalties for those failing to do so by 2015.2 To improve the performance of health care IT, the act targets $9.4 billion for areas such as telemedicine, data sharing, and broadband technology. An additional $2 billion is available to help build an infrastructure that provides for the ready exchange of electronic health records among the providers’ systems. Additional funding covers research on the effectiveness of treatments. The act also establishes standards for privacy, among other things.

These reforms will first affect providers, as over the next decade health care will become rooted in readily available, comprehensive medical records and IT-based clinical decisions. Much is at stake for payers as well with the advent of extensive electronic health records. The ability to identify and propagate effective medical treatments and drug therapies will be important levers in the payers’ efforts to improve the health of patients and to cut health care costs. To promote those goals, the payers’ CIOs will need to build substantial new systems that can readily interface with health information exchanges and analyze electronic health records. Using advanced analytics, payers can ensure that their networks use only medically proven and cost-effective treatments.

ICD-10

The modern data format documenting diagnosis and procedure codes—ICD-10—was released by the UN World Health Organization in 1994. Many developed countries, including Canada, Germany, and the United Kingdom, already use it. But it is overdue in the United States, where it will replace ICD-9 and expand the available number of medical codes by a factor of eight. This change will enable a much more detailed description of diagnoses and treatments.

While ICD-10 promises to improve the accuracy of medical management and claims, its adoption will force payers to undertake an effort likely to exceed that of the Y2K campaign as they expand the fields in their databases and support the new coding structure. ICD-10 will require payers to upgrade most of their existing IT applications, including those for adjudicating claims, managing medical cases, contracting with providers, preventing fraud, billing customers, and paying providers. Yet while the costs of adopting ICD-10 are significant, the potential regulatory penalties for failing to adopt will make it a necessity.

Payer IT falls short in a number of key areas

To address these changes, CIOs will need to transform more than 90 percent of a typical payer’s IT architecture and to help other executives make the corresponding changes in their business processes (Exhibit 1). We have indentified five core areas where improvements will be necessary.

Image_Exhibit 1_1

Customer-focused capabilities

To succeed in the retail market, payers must develop both new capabilities (such as online sales) for interacting with their customers and new marketing analytic capabilities (for instance, customer database management).

The payers will have to create an integrated front-end sales system that appeals to today’s demanding consumer. Currently, payers primarily use the direct sales force to service large clients. In the future, they will also need online channels to attract and manage new individual customers at the retail level. To do so, these companies must build new capabilities few of them currently have—for example, to offer quotes and issue policies instantly, much as the most advanced auto insurers do today. Web sites will also be an important tool for helping individual customers to achieve healthier lifestyles. Payers that excel at these capabilities will cut medical costs, something that will be critical to success in the retail market.

Payers will also have to compete successfully in the new health insurance exchanges. Lessons from the Massachusetts Health Connector demonstrate that a seamless data interface is essential. Payers will need IT systems that can present their products, services, and prices in a compelling way on these exchanges. They will have to support the flow of inquiries and orders from the exchanges in a robust fashion and to provide strong customer service on those orders. All of this will fall to CIOs and their teams.

Success in the retail market will require payers to develop new marketing analytics as well. One of them, the ability to calculate the likely lifetime value of a customer, helps the best consumer-marketing companies segment their service and product offerings to customers. A lifetime-value view—a key to effective CRM—will give payers new capabilities for identifying, targeting, capturing, and retaining attractive consumers.

To achieve such a capability, companies must track all interactions with individual customers and use the information to segment them into groups with materially different costs to serve and profit margins. Many payers now have multiple, siloed customer databases, which make it difficult to track individual members over their lifetimes or to recognize that they have experienced a major life event, such as a change in marital status, the onset of a major disease, or retirement. Achieving a lifetime-value view of consumers will require the CIOs of the payers to develop a single integrated view of their members and to identify all transactions associated with them.

A flexible product-development capability

In the new environment, payers must be able to create new products—swiftly and flexibly—that are fine-tuned to the evolving marketplace. This goal will require the simplification of the IT systems that support product development and deployment. The resulting near-zero setup costs and reduced ongoing maintenance for new products will help accelerate product innovation.

A typical payer today has a complex array of IT applications—often a patchwork of legacy and customized programs with hardwired interconnections. Payers have traditionally built products (for instance, GM’s employee health plan) from the ground up to meet the specific needs of a large employer group. They have not taken advantage of more modular approaches that might allow them to generate new products more cheaply and quickly, in a largely automated way. The payers’ CIOs will therefore need to create simplified IT architectures and product-development platforms that can be configured more easily than those of the present.

Retooling pricing and risk-management applications

Payers today have sophisticated actuarial risk-assessment systems that estimate the cost of providing health care to widely differing individuals and groups. The ability to price policies to reflect specific risks is now a key competitive differentiator among payers. But the health reform legislation restricts this practice significantly—for instance, by prohibiting the refusal to insure applicants with preexisting conditions. It requires the use of simplified pricing bands for all members, with a much lower price ratio from the cheapest to the most expensive policies. Implementing this regulatory change will require the payers’ CIOs and their business colleagues to retool the entire set of actuarial and pricing systems. In the future, payers will need to compete not through pricing or by excluding risk but by differentiating products and identifying customers in a sophisticated way. The CIO will be a key contributor to this change.

A medical-informatics capability

The successful use of electronic health records, health information exchanges, and comparative-effectiveness research will ultimately improve the practice of medicine and cut medical costs. By making all relevant patient information available at the point of treatment, these developments will reduce duplication in medical diagnoses and improve patient outcomes through superior understanding.

Successful payers will accelerate this change within their networks of providers and leverage the new information to improve their medical-management capabilities. CIOs will need to champion the right IT investments to achieve the maximum impact. The wealth of information flowing between providers, when combined with the payers’ own claims database and medical-management capabilities, will enable payers to have a positive influence on the practice of medicine in their provider networks. Success will hinge on inducing the best outcomes for patients at the lowest cost.

Coding substructures

Compliance with the ICD-10 standard is mandatory and will be essential to exchange standardized data. Payers will need to achieve ICD-10 coding standard by October 2013. Failure to meet this date could result in significant penalties, so the payers’ CIOs must push the changes through their organizations.

Data structures will change significantly, as the new ICD-10 codes contain seven digits versus five with the previous ICD-9 codes (Exhibit 2). Significant changes will also have to be made in program logic, since the new codes do not map directly with the old ones. In fact, as noted above the number of codes will increase significantly—a tremendous growth in documentation of the medical details of diagnosis and treatment.

Image_Exhibit 2_2

Most challenging, perhaps, CIOs will need to facilitate major process changes not only within the payers’ organizations but also outside them. ICD-10 will substantively influence a payer’s medical-management, network-contracting, claims-processing, customer service, actuarial, underwriting, and business intelligence functions. It will also require collaboration among payers and health service providers so that they can adopt the new codes simultaneously.

Two strategies for payer organizations

Tackling any one of these developments would represent a substantial test for even the most capable CIO. Combining and managing them in the short time frame set by the law represents an unprecedented challenge. Among the payers we have studied, two strategies have emerged. We have highlighted the experiences of two companies to illustrate these differing approaches.

Meeting new requirements with in-house IT

Payer A is a large payer with a strong network of relationships with providers. Most IT functions remain in-house, including the development and maintenance of applications and the management of the IT infrastructure. External vendors are called on periodically when extra help is needed to develop applications.

A large number of Payer A’s members have lost their employer-sponsored health insurance during the recession, so the company faces a challenging environment. Many individuals will be entering the market over the next few years as a result of the new mandates, but these consumers will be cost conscious and looking for innovative, standardized, and inexpensive products not currently offered by the payer. Additional IT investments to meet other legislative demands will squeeze already-constrained budgets.

In the face of existing cost pressures, the CIO has already pushed for improvements in overall IT efficiency. He has reduced IT costs 18 percent by improving efficiency in a number of areas, such as desktop support, contractor expenses, and the productivity of application developers. These moves will help finance new investments. In addition, during the past four years the CIO has consolidated the payer’s claims platforms around a modular architecture, which eliminated legacy elements that constrained product-development flexibility.

The CIO and his group now are focusing their efforts on implementing specific IT capabilities mandated by new legislation. A command center with a rapid-response team will be at the center of those efforts. The command center is responsible for creating a coordinated plan to address all the challenges of the legislative changes, including supporting the meaningful use of health IT in their provider network.

This CIO is working with the company leaders who interface with health service providers to codify new rules that will determine which medical procedures, tests, and drugs will be eligible for payment. The new rules will be incorporated in jointly administered payer–provider IT systems. Adherence to these requirements (for example, the elimination of duplicate tests and the obligatory use of generic drugs) could cut the payer’s costs by 2 percent, or $300 million, and thus allow for significant market share gains.

Work on a new user-friendly and technically robust portal for members is nearing completion. The portal is structured around patient codes, or “identifiers,” that track the health and medical spending of individuals over their lifetimes. The CIO has also installed new product-development tools that will take advantage of a rationalized IT architecture to lower costs and speed up time to market. Still in the planning stages is a new pricing- and risk-management system, which will be in place by 2013, when new regulations take effect.

Where IT outsourcing is a better option

Payer B is a midsize company with fewer than one million customers. Some years ago, the company chose to outsource most of its IT functions. The outsourcer operates the payer’s IT infrastructure and develops and maintains software applications. The outsourcing arrangement also covers other services, such as claims processing and membership enrollment, as well as the payer’s IT interface to its provider network.

Outsourcing may be an attractive option for many smaller, capital-constrained payers. It transfers operational risk to the strategic partners, many of which have extensive IT experience and leading industry talent. Partners are responsible for compliance with government mandates and cost management. And thanks to substantial economies of scale, the outsourcer offers IT services at a cost well below what Payer B could have achieved in-house.

Under this model, the role of the payer’s IT organization largely consists of planning and vendor management. The payer sets its overall product, marketing, and technology strategy and retains its relationships with customers. The partnership allows Payer B’s management to concentrate on business growth, product development, and strategies for the new health care environment. Payer B, for example, is developing a new consumer sales strategy, while relying on its outsourcer to provide all the technology needed to help it connect to the new health insurance exchanges.


These are challenging times for the CIOs of US health insurance payers but also times of great opportunity. Forward-looking CIOs who can work effectively with their peers, both within their own organizations and across the new landscape, will be critical to the success of payer organizations in the volatile US health care environment that’s emerging.

About the author(s)

Madhu Pawar is an associate principal in McKinsey’s Chicago office, where Wayne Pietraszek is a principal.