Skip to main content
Syam Adusumilli
Technology Infrastructure · LFP-13.06

Executive Summary: Claims Data Ownership: Who Has It, Who Locks It, and Why It Matters

By Syam Adusumilli · 2 min read
Executive Summary Read the full article.

LFP-13.06 — The Technology Gap
#

Claims data is the most valuable asset a level funded plan generates. Every cost management strategy depends on it. Every product capability requires it. Under ERISA, the plan sponsor generally owns the plan’s data. The Consolidated Appropriations Act of 2021 reinforced this right through the gag clause prohibition in Section 201, which prohibits agreements that restrict disclosure of provider-specific cost or quality information or restrict electronic access to de-identified claims and encounter data. January 2025 FAQ guidance from the Departments of Labor, HHS, and Treasury extended the prohibition to downstream agreements, closing a loophole that allowed TPA subcontracts with network vendors or PBMs to restrict data access even when the primary TPA contract did not.

The law is clear. The operational reality is different. The employer owns the data, but the data sits in the TPA’s claims engine, the stop loss carrier’s underwriting files, the PBM’s pharmacy claims system, and the network vendor’s provider pricing database. Contractual restrictions limit data export to summary-level reports, charge fees for detailed extraction, or impose 60- to 90-day delays on data transfer at termination. Technical restrictions compound the contractual ones: proprietary data formats, limited export capabilities, and legacy systems that may not offer API access at all.

Data ownership determines capability because every cost management function requires member-level and provider-level claims data in a usable format. Identifying high-cost members for care navigation requires longitudinal claims data with diagnosis and procedure codes. Routing procedures to lower-cost facilities requires provider-level cost comparisons. Pharmacy formulary optimization requires drug-level claims detail. If any of these data streams is locked in a proprietary system with batch export and summary-only access, the corresponding cost management capability cannot function.

The regulatory trajectory across the CAA gag clause provisions, CMS price transparency rules, and HL7 FHIR interoperability standards all points toward data accessibility and portability. TPAs and vendors that build toward this trajectory now will be positioned when enforcement tightens. Those that rely on data lock-in as a competitive strategy are building on a foundation that is eroding. The data architecture comes first. The applications that use the data come second.