Category: Uncategorized

With the recently released the 2027 Medicare Advantage Final Rule and Rate Announcement, The Centers for Medicare and Medicaid Services (CMS) confirmed it is finalizing payment rates at a higher-than-anticipated average rate and that a suite of policy changes will take effect for contract year 2027.

For payers, the combined impact spans revenue, risk adjustment, Star Ratings, supplemental benefit administration, and marketing operations.

1. Payment Rates: Growth with Real Revenue Headwinds

The final National Per Capita Medicare Advantage (MA) Growth Percentage for calendar year (CY) 2027 is 4.40 percent—below the Fee-for-Service (FFS) Growth Percentage of 5.46 percent.  The change in growth rates from the CY 2027 Advance Notice to the CY 2027 Rate Announcement is due primarily to incorporation of additional data. The non-ESRD Fee For Service United States Per Capita Costs for Part A and Part B are based on claims experience with incurred dates through Q4 2025.

However, the headline growth number does not tell the full revenue story for health plans. CMS is finalizing two diagnosis source exclusions that will reduce risk scores—and therefore risk-adjusted payments—for plans that have relied on these coding sources:

1. Exclusion of diagnoses from unlinked chart review records (CRRs), with a narrow exception for beneficiaries switching between MA organizations, and
2. Exclusion of diagnoses coded from audio-only services (modifiers 93 and FQ).

Together, these changes are estimated to produce net Medicare Trust Fund savings in CY 2027 by reducing the pool of diagnoses eligible for risk adjustment. Plans with higher historical reliance on unlinked CRRs or audio-only encounter coding will see a proportionally greater impact on their risk scores and payment rates.

CMS is also maintaining the statutory minimum MA coding pattern difference adjustment of 5.90 percent, unchanged from CY 2026. Plans should model the combined effect of normalization factor updates (2024 CMS-HCC model normalization factor: 1.079) and diagnosis exclusions on their projected CY 2027 risk scores now that bid season has commenced.

Key Numbers:

• 4.40% Medicare Advantage Growth Percentage
• 5.46% Fee-for-Service Growth Percentage
• 5.90% coding pattern adjustment
• Normalization: 1.079 (2024 model)

2. Risk Adjustment Model: Continuity, not Recalibration

CMS is continuing the 2024 CMS Hierarchical Condition Category (HCC) risk adjustment model for non-PACE MA organizations—pulling back from the proposed recalibration to a 2027 model using 2023 diagnoses and 2024 expenditure data. Program of All-Inclusive Care for the Elderly (PACE) organizations will use a 50/50 blend of the 2024 and 2017 CMS-HCC models. While continuity reduces year-over-year volatility, plans should not interpret model stability as payment stability: the diagnosis exclusions and normalization factor updates will still move risk scores materially for many organizations.

CMS also finalized the exclusion of diagnoses from audio-only services for RxHCC models, and implemented updated RxHCC models reflecting IRA-driven Part D benefit restructuring, using 2023 diagnoses and 2024 expenditure data for non-PACE plans.

3. Star Ratings: Simplification Does Not Equal Reduced Accountability

CMS is finalizing a significant reduction of the Star Ratings measure set. The two Part C appeals measures—Plan Makes Timely Decisions about Appeals and Reviewing Appeals Decisions—will be removed beginning with the 2029 Star Ratings. The Call Center—Foreign Language Interpreter and TTY Availability measure is also being removed for both Part C and D.

CMS also decided not to proceed with the Health Equity Index (HEI) reward factor, retaining the existing historical reward factor in the methodology. The net 10-year Trust Fund impact of these Star Ratings changes is estimated at $18.56 billion (from 2027 to 2036).

Note: Health plans should not interpret appeals measure removal as reduced risk. CMS stated unequivocally that full compliance with 42 CFR Part 422 Subpart M remains mandatory, and CMS will use audits, corrective action plans, and public warning letters to enforce appeals processing performance. The financial incentive structure changes, but the compliance obligation does not.

4. Supplemental Benefits: Debit Card Guardrails Now Codified

CMS is codifying existing guidance on debit card administration of supplemental benefits, requiring that debit cards be electronically linked to plan-covered items and services through a real-time point-of-sale verification mechanism and restricting card use to the specific plan year. While use of debit cards to administer benefits remains voluntary, plans that use them must now comply with these codified standards, rather than abiding by informal guidance. Note that cards must also be restricted to the current plan year only, with no balance rollovers into a new plan year.

In addition, CMS is finalizing a new transparency requirement: health plans must publicly post their plan-developed Special Supplemental Benefits for the Chronically Ill (SSBCI) eligibility criteria on their public-facing website. This is a new operational compliance obligation for plans offering SSBCI. Notably, CMS did not finalize the proposed prohibition on marketing the dollar value of supplemental benefits, which is a significant pullback from the proposed rule.

5. Marketing and Agent/Broker Rules: Targeted Deregulation

In a notable deregulatory shift, CMS eliminated the 12-hour delay requirement between educational events and marketing events at the same location. Health plans and agents/brokers may now hold a marketing event directly following an educational event at the same location, provided attendees are notified of the transition and given sufficient opportunity to leave. This reverses the 2023 requirement and reduces compliance burden on plans and agents conducting community outreach.

CMS also modified Third Party Marketing Organization (TPMO) disclaimer requirements, adjusting the timing from “within the first minute of a sales call” to “prior to the discussion of any benefits,” and updated the disclaimer language to reflect the number of organizations and plans the TPMO represents. CMS also reduced the required retention period for call recordings from 10 years to 6 years. Plans that rely on TPMO distribution channels should review their call scripts, training materials, and recording retention policies for CY 2027 applicability, with marketing changes effective October 1, 2026.

The CY 2027 regulatory environment rewards payers with administrative systems that can adapt quickly, from risk adjustment data integrity to supplemental benefit configuration to member-facing disclosure requirements. HealthEdge’s integrated platform of solutions— including HealthRules® Payer, HealthEdge Source™, HealthEdge Provider Data Management, GuidingCare®, and Wellframe™—is purpose-built to support health plans in navigating these compounding, cross-functional changes with the speed and precision the regulatory calendar demands.

Learn more about how integrated HealthEdge solutions enable health plans to stay in line with shifting Medicare Advantage standards. Download our eBook: Navigating the New Medicare Advantage Reality—Why Member Engagement and the Right Platform Is Your Competitive Advantage.

About Bettina Vanover, CHC, CIPP/US

Bettina Vanover is the Regulatory Principal at HealthEdge. She joined the team in 2025, bringing more than 20 years of experience in the healthcare industry. Bettina earned her MBA in Business, Health Administration from the University of Colorado, and her BA in Health Policy & Administration from Penn State University. Follow Bettina on LinkedIn.

This year marked the 20th anniversary of the RISE National Conference, but the milestone felt less like a retrospective and more like a clear signal of where health plan risk adjustment is heading next.

Nothing about the operating environment has gotten easier. Medicare Advantage risk adjustment programs continue to operate under sustained pressure—from rising medical and pharmacy costs to expanding audit activity and new requirements from the Centers for Medicare and Medicaid Services (CMS). At the same time, health plans are working to improve risk adjustment documentation and coding, strengthen outcomes, and maintain financial performance.

And yet, the tone at RISE felt different this year.

The challenges payers face haven’t changed—but the industry’s response to them has.

From Waiting to Taking Action

Over the past several years, many healthcare organizations approached risk adjustment programs with caution, waiting for clearer regulatory signals or more predictable guidance. But now, the executive mindset has shifted.

At RISE, it was clear that health plans are no longer waiting. Conversations focused on prospective risk adjustment implementation, with programs like targeted pilots and practical improvements to coding workflows.

Health plan leaders are asking more direct questions about Hierarchical Condition of Categories (HCC) risk adjustment coding, audit defensibility, and how to ensure accuracy across both retrospective and concurrent processes. There is growing recognition that progress comes from operational discipline, consistent improvements in risk adjustment documentation and coding rather than large, one-time transformations.

Rising Regulatory Intensity Is Reshaping Risk Adjustment

Regulatory oversight has always been a central piece of health plan risk adjustment strategies. What has changed is the scale, speed, and intensity of that oversight.

Risk Adjustment Data Validation (RADV) audits are expanding in scope and frequency, with CMS continuing to refine its methodology and apply findings more broadly across Medicare risk adjustment programs.

At the same time, enforcement bodies are aligning on common standards for validation, documentation, and submission accuracy. The U.S. Department of Justice has continued to prioritize healthcare enforcement under the False Claims Act. In addition, the Office of Inspector General has also issued ongoing guidance and reports highlighting vulnerabilities in Medicare Advantage risk adjustment.

For health plans, this means that risk adjustment payment is more closely tied than ever to critical operations like:

• Accurate clinical documentation
• Defensible risk adjustment coding
• End-to-end traceability across submission workflows

The challenge is not understanding compliance. It is keeping pace with how quickly expectations are evolving.

A More Sophisticated Threat Landscape for Health Plans

Alongside regulatory pressure, the healthcare industry is facing a more complex fraud environment.

Discussions at RISE highlighted the emergence of AI-enabled fraud patterns, ranging from synthetic documentation to coordinated submission activity that can appear clinically valid. These developments are raising new questions about how risk adjustment programs detect and prevent fraud, waste, and abuse.

The Office of Inspector General has repeatedly emphasized program integrity risks and the need for stronger oversight. Traditional approaches to risk adjustment services, often reliant on static rules or isolated reviews, are becoming less effective. Health plans are increasingly looking for solutions that combine advanced analytics with clinical validation.

Re-centering on the Purpose of the Work

Amid conversations about audits, compliance, and financial pressures, one moment at RISE stood apart. In his keynote, NBA Hall of Fame player Dominique Wilkins shared his personal journey managing diabetes and his experience competing at the highest level of his sport. He spoke about discipline, proactive self-care, and the critical role of consistent support systems.

His story served as a powerful reminder that behind every diagnosis code and risk adjustment factor is a real person, someone whose quality of care depends on healthcare organizations getting it right. Whether in Medicaid risk adjustment, commercial risk adjustment, or Medicare Advantage, the goal is the same: to accurately reflect a member’s health status so they can receive the care they truly need.

What This Means for Health Plans & How HealthEdge® is Here to Help

The direction is clear. Risk adjustment programs must continue to evolve. Health plans are moving toward more connected approaches that bring together:

• Prospective and retrospective risk adjustment workflows
• Integrated risk adjustment documentation and coding processes
• Alignment between HEDIS and risk adjustment programs
• Greater visibility across Medicaid risk adjustment and commercial risk adjustment

HealthEdge Risk Adjustment solutions were designed to help health plans address these very challenges by delivering a comprehensive approach to risk adjustment, supporting the full lifecycle, from condition identification and provider engagement to coding, submission, and reconciliation.

Our solutions enable health plans to:

• Improve accuracy in HCC risk adjustment coding
• Strengthen audit readiness with traceable workflows
• Advance prospective risk adjustment strategies
• Reduce complexity across retrospective risk adjustment
• Improve visibility into risk adjustment payment drivers

The Work Ahead

If there was one takeaway from RISE 2026, it is this: the healthcare industry has moved forward when it comes to risk adjustment.

The challenges are not new, but the urgency is greater. The expectations are higher. And the willingness to act is stronger. Leading health plans are investing in solutions, refining operations, and strengthening their risk adjustment programs to meet the demands of today’s environment.

Learn how HealthEdge Risk Adjustment solutions can help your organization. Download the white paper: Getting Risk Adjustment Right – A Guide for Modern Health Plans.

Health plans with home and host capabilities have set the standard for healthcare excellence since 1929—but mounting industry pressures constantly challenge these market leaders.

Decreasing margins, evolving regulatory requirements, and the shift toward value-based care demand continuous innovation. To remain competitive and stay ahead of industry shifts, health plans need data-driven solutions that simplify administrative processes while driving strategic cost management.

Health plan leaders are turning to next-generation core administrative processing systems (CAPS) to overcome complex healthcare challenges. See how payers are leveraging the integrated HealthRules® Payer CAPS to improve home and host plans to improve operational efficiency, boost member satisfaction, and achieve regulatory excellence.

1. Navigating Complex Regulatory Compliance

Health plans that manage government programs face a constant stream of state and federal regulatory changes. Non-compliance can result in severe financial sanctions or operational disruptions. Core administration systems must enable rapid, reliable changes to underlying rules without requiring significant IT interventions.

HealthRules Payer provides payers with the agility necessary to maintain compliance across Medicare, Medicaid, and Dual-Eligible lines of business as regulations evolve. By leveraging proactive health management tools and producing auditable, highly accurate reporting, your organization can deliver high-quality care while controlling costs.

2. Driving Operational Efficiency and Automation

Manual claims processing drains crucial resources and increases the risk of costly errors. Efficiency cannot come at the expense of accuracy when you need to maintain positive relationships with providers and members. Home and host plans require a system that delivers accurate claims auto-adjudication across categories.

HealthRules Payer combines advanced automation with financial accuracy. One health plan leveraged the CAPS solution to increase claims auto-adjudication volume by 800%. Paired with a 98% configuration accuracy rate, this level of operational efficiency directly supports strategic cost management and reduces member and provider abrasion.

3. Adapting to New Business Models Swiftly

The healthcare market increasingly relies on complex value-based reimbursement models. Outdated legacy systems often struggle to accommodate these varied group and benefit packages. This limitation leads to slow, error-prone configurations that impede your market agility.

The patented, English-like HealthRules Language forms the backbone of the HealthRules Solution Suite. It offers unmatched flexibility for payers to define benefit plans and provider contracts quickly. Business analysts can perform configuration updates in hours instead of days or weeks. This technical flexibility allows users to seamlessly integrate new products and value-based care models without relying on programmers and IT teams.

4. Improving Member Satisfaction and Outcomes

Integrated data is vital for enabling efficient operations and building strong provider relationships. Legacy platforms frequently lack real-time data exchange capabilities, leading to fragmented care and delayed claim resolutions. Health plans require integrated ecosystems that deliver precise information to support care teams and improve overall member health.

Through robust integration layers like HealthRules Connector and the analytical power of HealthRules Answers, HealthEdge delivers seamless integration across your entire digital ecosystem. This single source of truth helps payers achieve up to a 90% first-call resolution rate. When customer service representatives have immediate access to accurate data, member satisfaction naturally rises.

Unlock the Full Potential of Your Health Plan

Thriving in the current healthcare landscape requires technology that acts as a catalyst for growth and resilience. By optimizing core administrative processes, you can significantly reduce manual work, lower administrative overhead, and unlock per member per month (PMPM) savings.

Ready to explore how the right core administrative processing system can transform your operations?

Discover detailed insights, performance metrics, and the proven ROI that HealthEdge delivers to industry-leading health plans. Download the brochure: How Plans With Home And Host Capabilities Lead In Value-Based Care.

 

Risk adjustment programs are entering a new phase of maturity. Historically, health plans approached Medicare Advantage risk adjustment retroactively, reviewing charts after encounters occurred, and identifying missed diagnoses later in the year.

Retrospective risk adjustment remains an important part of a health plan’s risk adjustment program. But regulatory and documentation guidelines are accelerating the shift toward proactive strategies that combine retrospective review with real-time documentation validation and prospective risk adjustment.

Risk Adjustment & Regulatory Pressures

The scale of risk adjustment is really why this shift matters. Medicare Advantage payments exceeded $450 billion in 2024, with risk scores playing a central role in determining payers’ risk adjustment payment levels. As a result, even small documentation gaps can translate into significant financial and compliance implications.

Recent policy changes and audit activity are reinforcing this trend. The expansion of the Risk Adjustment Data Validation (RADV) program from The Centers for Medicare and Medicaid Services (CMS) has increased pressure on participating organizations to ensure diagnoses are fully supported by documentation. Research from the Kaiser Family Foundation also showed that chart reviews play a significant role in payer risk adjustment operations, with more than 60% of Medicare Advantage members associated with at least one chart review in recent years.

Rather than waiting until year-end reviews to identify documentation gaps, payers are increasingly building programs that continuously monitor risk capture, provide earlier feedback to providers, and support documentation improvement throughout the care cycle.

While most industry attention focuses on Medicare Advantage, many organizations are applying similar strategies across Medicaid and commercial programs—where accurate documentation and coding also influence reimbursement, quality measurement, and program sustainability.

This shift is giving rise to a new operating model: real-time risk adjustment.

What Real-Time Risk Adjustment Means in Practice

Real-time risk adjustment does not replace retrospective chart reviews. Instead, it helps shorten the feedback loop by enabling health plans to identify documentation opportunities earlier, strengthen provider engagement, and maintain continuous visibility into risk capture performance.

In traditional retrospective models, coding teams and analytics groups often identify documentation gaps months after a patient visit occurs. By that point, the clinical context may be difficult to reconstruct, making follow-up more challenging for both providers and risk adjustment teams.

A real-time approach addresses this gap by introducing continuous monitoring across the health plan risk adjustment program. Clinical documentation patterns can be evaluated throughout the year, allowing teams to detect emerging trends earlier and take corrective action while the information is still relevant.

This also means that risk adjustment insights appear closer to the point of care. Coders can prioritize the most impactful charts for review, provider engagement teams can deliver targeted documentation guidance, and analytics teams can gain earlier visibility into how risk adjustment factors are evolving throughout the year.

The result is a program that operates continuously rather than episodically.

Technology That Enables Modern Risk Adjustment Documentation and Coding

The shift toward real-time operations is largely enabled by advances in analytics and clinical data integration.

5 Key capabilities for modernizing payer risk adjustment programs:

1. Live electronic health record (EHR) integrations that allow encounter data and clinical notes to flow directly into risk adjustment analytics environments
2. Natural language processing (NLP) tools that analyze clinical documentation and highlight potential diagnosis gaps or coding opportunities, as referenced in a recent Cornell University study
3. AI-assisted triage models that prioritize charts most likely to contain high-impact documentation opportunities
4. Clinical decision support tools that surface documentation prompts during provider encounters
5. Data and analytics platforms that consolidate encounter data, chart review activity, and risk score performance metrics

An important note: It is imperative for health plans to minimize overcoding. Payers can utilize OIG regulations and evaluate data to reduce or eliminate overcoding and RADV audit risk.

These technologies are increasingly used to support Hierarchical Condition Categories (HCC) risk adjustment coding, helping organizations identify undocumented conditions earlier and strengthen the accuracy of risk adjustment submissions. Emerging research also supports the growing role of artificial intelligence in documentation analysis.

Importantly, these technologies are not designed to replace coding expertise or clinical judgment. Their primary value lies in helping risk adjustment teams focus attention on the records and member populations where documentation improvements can have the greatest impact.

Building the Operational Capabilities for Real-Time Risk Programs

Technology alone cannot transform risk adjustment operations. Organizational alignment and well-designed workflows are equally important.

Leading health plans are establishing risk operations teams responsible for coordinating analytics, coding workflows, and provider engagement initiatives. These teams serve as the connective layer between data insights and operational action within the broader risk adjustment program.

Within these programs:

• Risk operations leaders monitor documentation trends and coordinate chart review priorities.
• Coding teams focus on validating diagnoses and ensuring documentation integrity.
• Provider engagement teams work directly with clinicians to reinforce documentation best practices and strengthen collaboration across the payer risk adjustment ecosystem.

Strong feedback loops are critical to making these programs effective. When documentation patterns reveal potential gaps, those insights must be shared with providers in a constructive and timely way. Successful programs position documentation guidance as part of broader clinical documentation improvement efforts, helping providers understand how accurate documentation supports both population health management and reimbursement accuracy.

Measuring the Impact of Real-Time Risk Adjustment

Within any payer risk adjustment program, operational metrics help organizations determine whether risk adjustment factors accurately reflect the clinical complexity of their member population.

Traditional program metrics, such as overall risk score performance, remain important. However, many organizations now track additional operational indicators that provide deeper insight into how effectively their risk adjustment programs function throughout the year.

Common examples include:

• Timeliness of chart review completion
• Coder productivity and throughput
• Speed of documentation gap identification
• Rate of suspected condition closure
• Variability in risk scores across reporting periods

Monitoring these indicators provides a more dynamic view of risk adjustment performance. It also allows organizations to identify operational bottlenecks earlier and make course corrections long before final submissions are due.

Another way of measuring the impact of risk adjustment is by eliminating the waste associated with unnecessary chart reviews, thus realizing cost savings. Excluding members without HCC or risk-adjustable conditions from review pipelines immediately reduces heavy administrative expenses. This data-driven solution maximizes operational efficiency, saving significant costs and allowing staff to focus strictly on high-yield interventions and improved health outcomes.

These operational insights are increasingly important as organizations manage multiple programs simultaneously, including risk adjustment for Medicare, Medicaid, and commercial initiatives.

The Future of Risk Adjustment Operations

Looking ahead, advances in analytics, artificial intelligence, and workflow automation will continue shaping how risk adjustment programs operate.

Predictive models are beginning to identify members whose clinical histories suggest undocumented conditions. AI-driven analytics platforms can highlight documentation patterns across large provider networks. Automated workflow tools can prioritize chart reviews and route documentation questions to the appropriate teams.

Together, these capabilities are helping organizations move beyond reactive chart review cycles toward more proactive documentation management that complements, but doesn’t replace, the human coder.

Moving Toward a More Proactive Risk Adjustment Strategy

Real-time risk adjustment represents a natural evolution in how organizations manage risk adjustment documentation and coding, improve payment accuracy, and strengthen risk program performance.

Retrospective programs will remain essential for validating diagnoses and recovering missed conditions from prior encounters. However, when combined with prospective documentation improvement initiatives and real-time analytics, they become part of a more comprehensive strategy for managing risk adjustment performance.

Many health plans are now exploring integrated approaches that combine retrospective chart review, prospective documentation improvement, and real-time analytics. Modern risk adjustment solutions and services, such as those provided by HealthEdge®, are designed to support this evolving model by helping organizations strengthen documentation validation, provider collaboration, and analytics-driven risk operations.

Learn more about how HealthEdge is empowering health plans to build a successful, sustainable risk adjustment program, download our White Paper: Getting Risk Adjustment Right – A Guide for Modern Health Plans.

This is part 1 of a blog series on Ethical AI.

This content was adapted from an internal learning and development session developed by HealthEdge’s AI team, focused on educating our organization on ethical AI. At HealthEdge, we believe that safe and responsible AI is of the utmost importance. This principle shapes both how we use AI internally to accelerate our own efficiency and how we build AI-powered solutions for our customers.

These materials reflect how our AI team thinks about these problems day to day. Ethical AI isn’t something we address at the end of a project or check off during a compliance review. Rather, it’s a lens we apply from the earliest stages of design through deployment and beyond and sharing these principles openly — with our own teams and with the broader community — is part of how we hold ourselves accountable.

Ethical AI Starts with Privacy and Security

As artificial intelligence becomes more widely adopted across healthcare technology platforms, protecting sensitive data has become a critical responsibility for organizations that build and deploy AI solutions. Many users rarely think about where their inputs go or how they may be stored until something goes wrong.

In healthcare environments, where protected health information (PHI) is involved, the stakes are particularly high; privacy failures can lead to regulatory consequences, loss of trust, and real harm. For organizations developing AI-powered tools, privacy and security must be designed into every decision, from tool selection to system architecture.

Privacy Isn’t Just a Policy — It’s a Design Problem

At its core, privacy is about ensuring that personal data is collected, used, and retained appropriately, and that people maintain control over their information. Simple in theory. AI makes it complicated in practice.

Large language models can memorize training data and spit back Personally Identifiable Information (PII) in unexpected contexts. People paste sensitive information into third-party tools without thinking about retention. Data gathered for one purpose quietly gets repurposed for another. And “anonymized” datasets? Often not as anonymous as advertised, as re-identification is a well-documented risk. For those of us in healthcare, this extends to Protected Health Information (PHI), meaning privacy failures aren’t just bad practice — they’re compliance violations.

If you’re a user, know what you’re feeding into these tools. Assume your inputs may be stored. Don’t paste in someone else’s personal data without authorization. And understand what your organization actually allows as input.

If you’re evaluating tools, ask the uncomfortable questions. Where does the data go? How long is it kept? Does the free tier use your inputs for model training, evaluation, or monitoring? (Many do.) Where does data physically reside? If a vendor can’t give you straight answers about data handling, that tells you what you need to know.

If you’re building, design for privacy from day one. Collect the minimum data you need. Be upfront about how you use it. Build in deletion and user control. And don’t lean on the LLM itself for access control, that’s not what it’s for. Assume that any data used to train the model could end up being model output; curate training datasets carefully.

Security: The Threat Surface You Might Be Underestimating

Security means protecting systems and data from unauthorized access, manipulation, and exploitation. With AI, the attack surface has grown in ways that catch teams off guard.

• Prompt injection lets bad actors manipulate model behavior through crafted inputs.
• Model inversion can extract training data from responses.
• Adversarial inputs slip past safety controls.
• Indirect prompt injection, poisoned content embedded in documents or data sources, is particularly stealthy if LLM guardrails don’t scrutinize the content before processing that information as instructions, causing unexplained or undetected malicious agent behavior.

Add API key exposure, credential leaks, and supply chain vulnerabilities, and there’s a lot to account for.

If you’re a user, never hand API keys, tokens, or credentials to an AI tool. Think twice before running AI-generated code. Double-check any output that touches security decisions or access controls. If something looks off, report it. When testing new tools, use sandboxed accounts with limited permissions.

If you’re evaluating tools, look for real security hygiene, such as documented incident response and documented guardrails. Ideally, these include published metrics, SOC 2 or ISO 27001 certification, clear credential management, and evidence of pen testing or red teaming. No security docs? Vague authentication story? Third-party integrations without defined boundaries? Walk away.

If you’re building, assume every input is hostile. Rate-limit and validate aggressively. Give your AI components their own credentials with the minimum necessary permissions. Never let the model make authorization decisions. Set up guardrails and monitor for prompt injection and data exfiltration patterns. Stay on top of dependency updates and run your systems against the OWASP Top 10 for LLMs.

This Isn’t a One-and-Done Conversation

Privacy and security are not one-time considerations addressed during an architecture review. They are ongoing disciplines that influence every stage of AI development and deployment, from the engineer designing prompts and guardrails to the product leader evaluating vendors and integrations. Organizations that embed these principles into their AI strategies will do more than reduce risk. They will build the level of trust that responsible AI adoption ultimately depends on.

For more information about HealthEdge’s approach to AI, visit www.healthedge.com.

When health plans modernize their core administrative systems, the conversation often centers on technology. Implementation timelines, configuration decisions, and integrations dominate planning discussions as organizations prepare for go-live.

Yet one of the biggest factors determining whether a new platform delivers meaningful operational improvements has little to do with the technology itself. According to research from McKinsey & Company, successful transformations are more than three times more likely when organizations provide dedicated training to help employees master new solutions.

It comes down to whether the people responsible for running the system understand how to use it.

Leveraging Education Services for Product Training

For health plans implementing HealthRules® Payer, training is critical to ensuring the platform operates as intended and that operational teams can fully leverage its automation capabilities. Without that foundation, even the most advanced technology can struggle to deliver the expected improvements in efficiency and accuracy. In fact, any team member who supports implementation, serves as an in-house instructor, or uses the system on a day-to-day basis should receive training.

That is why HealthEdge® Global Professional Services provides dedicated Education Services designed to help health plans build the expertise needed to successfully implement and optimize HealthRules Payer.

HealthEdge Education Services Overview

HealthEdge offers a comprehensive suite of training programs, tailored to every stage of implementation and beyond. The programs support both technical and business teams and are designed to empower a health plan’s in-house training team to confidently educate those responsible for implementing and using the system every day. There’s even an opportunity for implementation partners to participate in structured certification programs that ensure consistent expertise, best-practice alignment, and a higher standard of delivery across the ecosystem.

The Real Costs of Insufficient Training: Internal Misalignment

Health plans are often under strict time constraints when implementing a new administrative platform. Internal leaders participate in discovery workshops, design sessions, and configuration reviews while continuing to manage their day-to-day responsibilities.

In this environment, training can easily be deprioritized—but the consequences typically appear quickly once the system is in production, where small misunderstandings can create operational friction.

For example, terminology differences between legacy systems and HealthRules Payer can cause confusion early in the transition. A “provider” label in one system may appear as “supplier” in another. While the difference may seem minor, misalignments like these can interfere with understanding system data and configuring workflows.

Unnecessary Manual Intervention

Training gaps can also lead to complications like improper or incomplete user setup, which can result in increased manual intervention during claims processing and lower automation levels across the platform. Teams may also overlook powerful capabilities and miss out on opportunities to simplify operations.

For example, if a health plan experiences a retroactive member termination, the system should trigger automatic claim reprocessing. If users don’t know HealthRules Payer can automate this process, they may spend unnecessary time on manual review.

Without proper attention to product training, users may rely on workarounds or manual processes that the platform was designed to eliminate.

Building Knowledge Throughout the Implementation Journey

HealthEdge Education Services are designed to enable business and technical users who support the implementation throughout the HealthRules Payer deployment lifecycle.

Rather than treating training as a one-time activity, programs align with the natural phases of implementation—starting with foundational education of key concepts and terminology. Training becomes more hands-on as the project progresses into design and build phases, allowing internal subject matter experts to gradually build knowledge while applying what they learn directly to the configuration of their system.

Self-guided learning modules also provide an introduction to core platform capabilities. Instructor-led training sessions then give teams the opportunity to work directly within the system, ask questions, and explore real-world scenarios that reflect their organization’s operational workflows. Coaching sessions are also available to help reinforce learning by allowing participants to bring questions that come after working in the system.

Preparing End Users for Day-to-Day Operations

One of the most important aspects of system training occurs as organizations prepare for go-live.

In many implementations, the people configuring the platform are not the same ones who will use it every day. Claims processors, enrollment teams, and finance staff may interact with the system differently from the implementation team that helped design it. To address this challenge, Education Services leads End User Enablement workshops to assist in-house trainers as they develop their own internal programs.

During these dedicated workshops, HealthEdge trainers work closely with a health plan’s in-house instructors to develop training materials tailored to the organization’s configuration and operational workflows. Templates and guidance from the HealthEdge team help health plan teams build the training materials for their operational staff.

This approach helps ensure end users learn workflows as they exist in their unique environment. It also helps operational teams understand how their day-to-day processes will evolve as they transition from legacy workflows to the automated capabilities available in HealthRules Payer.

Why Training Matters Long After Go-Live

The importance of training does not end once the system launches.

As health plans expand their use of HealthRules Payer, introduce new benefit designs, or refine operational workflows, new training needs often emerge. Organizations frequently return for focused refresher training that target areas where teams request additional support.

Education Services works closely with customers to understand where knowledge gaps exist. The training team may collaborate with delivery managers or implementation consultants to understand the payer’s unique challenges to tailor the sessions.

This collaborative approach allows health plans to strengthen internal expertise, improve operational efficiency, and reduce reliance on external consulting resources over time.

Modernizing Training With AI-Powered Tools

The Education Services team is also evolving how it creates and delivers training content.

Traditional software training programs often rely heavily on written documentation. While comprehensive, these materials can be time-consuming for busy operational teams to work through.

To improve the learning experience, the team is transforming existing training materials, such as written documentation, presentations, and recorded trainings into dynamic video-based learning modules using AI-powered tools. This approach significantly accelerates the development of training content, giving subject matter experts a more accessible way to review training materials.

Many professionals prefer to learn using video-based training. Short, focused modules allow users to quickly revisit topics and understand exactly how workflows are performed within the system. This initiative turns hundreds of training modules into interactive learning experiences that make it easier for HealthRules Payer users to build and maintain system expertise.

Empowering Health Plan Teams for Long-Term Success

Successful system implementations depend as much on people as they do on technology.

HealthRules Payer provides health plans with powerful automation capabilities, operational flexibility, and the ability to manage complex benefit structures with precision. However, realizing full value requires that users understand how to configure, manage, and optimize their organization’s use of the solution.

Education Services helps health plans build that expertise from the earliest stages of implementation and continue developing it over time.

When organizations invest in training early, they accelerate implementation timelines, improve operational outcomes, and empower their teams to take full advantage of the capabilities within HealthRules Payer.

Discover additional ways that HealthEdge Global Professional Services can help your health plan get more value from your investment in HealthRules Payer with custom code services. Read the data sheet.