Why This Evaluation Is Different From Every Other Vendor

Every vendor in this series requires due diligence. Optum requires a different kind.

With Waystar, R1, or Experian Health, your evaluation is a product and service question: Does the platform work? Is the price fair? What's the implementation risk? With Optum, those questions are necessary but not sufficient — because Optum operates at the intersection of two roles that are structurally in tension with each other.

Optum Insight is your technology vendor — the clearinghouse processing your claims, the AI platform predicting your coverage, the analytics tools informing your workflow. UnitedHealthcare, its corporate sibling, is one of your largest payers — adjudicating those same claims, making prior authorization decisions, and setting the coverage policies that determine your reimbursement.

Both are subsidiaries of UnitedHealth Group, reporting to the same board and corporate leadership. They operate with separate management teams and, in theory, information barriers. In practice, the incentive alignment at the UHG level means that no wall between them is permanent — and the data flowing through Optum's infrastructure is more valuable to UHC than to any other party.

The Core Conflict

When you use Optum's clearinghouse or AI platform to submit claims to UHC, both sides of that transaction — the submission infrastructure and the adjudication decision — trace back to the same corporate parent. That's not a hypothetical risk. It's the structural reality of the vendor relationship you're entering.

None of this means Optum is a bad vendor. The clearinghouse infrastructure is genuinely best-in-class. The data assets are irreplaceable. The Optum Real AI capabilities are real. But it does mean that the governance provisions in your contract matter more with Optum than with any other vendor in this category — and most standard Optum agreements don't address them adequately.

The 2024 Cyberattack: What Changed Permanently

On February 21, 2024, Change Healthcare — by then fully integrated into Optum — suffered a ransomware attack that took down its claims processing network for weeks. The downstream effects were catastrophic: provider cash flow collapsed, pharmacies couldn't process prescriptions, and an estimated 100 million patient records were compromised. It remains the largest healthcare data breach in US history.

By early 2026, the infrastructure has been rebuilt and most services restored. Optum has invested heavily in security hardening. But the attack permanently changed the risk calculus for any organization whose revenue cycle depends on the Change Healthcare clearinghouse — which, given its market share, means most of the US healthcare provider market.

Scale of Impact
100M+

Patient records compromised in the 2024 Change Healthcare attack — the largest healthcare data breach in US history. Provider claims processing was disrupted for weeks across virtually every segment of the market.

The lesson isn't "don't use Change Healthcare." Switching the clearinghouse that processes your claims is an 18–24 month project with significant implementation risk. The lesson is: your contract must contain explicit business continuity provisions, liability terms for outage-related revenue loss, and alternative routing requirements that weren't in most agreements signed before February 2024.

7 Provisions Every Optum Customer Should Demand

Provision 1

Data Use Limitation — Explicit AI Training Carve-Out

Require explicit contractual language prohibiting Optum from using your claims data, clinical data, or transaction data to train, update, or improve AI models that are deployed in products serving UnitedHealthcare or its affiliates.

Standard Optum agreements permit broad data use for "product improvement" and "analytics." This language is intentionally wide. Without a specific carve-out, your claims data — including your denial patterns, documentation practices, and reimbursement outcomes — can flow into models that serve the payor adjudicating your claims.

What to push for: Separate data processing addendum with explicit restriction on cross-entity AI training. Audit rights over model training data sources. Annual attestation of compliance.

Why it matters: AI models trained on provider-side claims data can identify patterns in what gets approved vs. denied — and those patterns can inform payor-side adjudication logic. This is the most important data governance provision in any Optum contract.
Provision 2

Business Continuity SLA — With Defined Remedies

Require a clearinghouse uptime SLA of no less than 99.9% with defined financial remedies for breach — not just service credits, but actual liability for revenue cycle disruption caused by network outages.

Pre-2024 Optum contracts typically contained SLA language with service credit remedies that were capped at a percentage of monthly fees — trivial relative to the revenue impact of a network outage. The 2024 cyberattack demonstrated that actual provider losses during a clearinghouse outage can be in the millions for a mid-size health system.

What to push for: 99.9% uptime SLA. Outage notification within 2 hours. Remedies scaled to revenue impact, not just service fees. Explicit coverage for claims backlog processing at no additional charge following restoration.

Why it matters: Optum will resist liability caps above service credit levels. The leverage point is that post-2024, no sophisticated buyer will sign without meaningful remedies — and Optum knows it.
Provision 3

Alternative Clearinghouse Routing Rights

Require the right to route claims through an alternative clearinghouse for any payer, at any time, without penalty — and require Optum to facilitate the alternative routing at no additional charge.

The 2024 outage exposed a systemic single-point-of-failure risk that no provider organization had fully accounted for. The solution is not to avoid Change Healthcare — it's to maintain the operational capability to route around it when necessary.

What to push for: Explicit right to dual-clearinghouse routing. No exclusivity requirement in the contract. Required documentation of alternative routing procedures as part of onboarding. Annual test of alternative routing capability.

Why it matters: Most standard Optum agreements contain implicit exclusivity provisions that make alternative routing difficult or expensive. This needs to be addressed explicitly.
Provision 4

Optum Real AI Transparency Requirements

If your organization is piloting or adopting Optum Real, require written disclosure of: (a) the data sources used to train coverage prediction models, (b) the methodology for determining what constitutes an "avoidable denial," and (c) a process for challenging or overriding AI-generated coverage predictions.

Optum Real's AI predicts whether claims will be approved or denied before submission. That prediction shapes how your team documents and submits claims. If the underlying model is trained primarily on UHC approval patterns, your documentation behavior will drift toward what UHC approves — not necessarily what your patients are entitled to.

What to push for: Annual model card disclosure. Clear definition of "avoidable denial" embedded in the contract. Provider override rights for AI recommendations. 90-day notice of material model changes.

Why it matters: This is new territory — no vendor has standard contract language for AI model governance. Pushing for it now, before broad adoption, is significantly easier than trying to add it to an existing contract.
Provision 5

UHC Firewall Attestation

Require annual written attestation from Optum that organizational information barriers between Optum Insight and UnitedHealthcare comply with applicable law and that your transaction data has not been accessed by UHC personnel or systems for purposes of claims adjudication or policy development.

Optum will tell you that information barriers exist. Require them to prove it annually in writing, with liability attached to the attestation.

What to push for: Annual compliance attestation signed by Optum Insight legal. Liability provision tied to material breach of information barrier. Audit rights in the event of a specific concern.

Why it matters: Even if the barriers are real today, personnel movement, system integrations, and organizational restructuring can erode them over time. Annual attestation creates accountability and an early warning mechanism.
Provision 6

Data Portability and Exit Rights

Require complete data portability on 60 days' notice, in a standard machine-readable format, at no charge — including all claims history, denial data, analytics configurations, and any outputs generated by Optum AI tools using your data.

Optum's clearinghouse switching costs are already high. Standard contracts make them higher by making data extraction slow, expensive, or technically complex. Data portability provisions don't reduce switching costs — but they prevent artificial lock-in created by data inaccessibility.

What to push for: 60-day data delivery SLA on exit. Standard format (HL7 FHIR, X12 835/837). No extraction fees. Retention of data access for 12 months post-termination for audit purposes.

Why it matters: This is your exit insurance. Even if you never switch, having data portability rights changes the power dynamic at renewal — Optum knows you can leave.
Provision 7

Performance-Based Pricing with Downside Protection

Where Optum is providing managed RCM services (not just clearinghouse), require performance-based pricing tied to measurable outcomes — net collection rate, first-pass claim acceptance rate, days in AR — with fee reductions if benchmarks are missed.

Flat-fee or per-claim pricing for managed services creates a misalignment: Optum gets paid regardless of performance. Outcome-based pricing aligns incentives and gives you contractual remedies when performance degrades.

What to push for: 3–5 performance KPIs defined in the contract with specific thresholds. Fee reduction of 10–15% for sustained underperformance. Quarterly business reviews with written performance reports. Termination rights for material, sustained underperformance.

Why it matters: This provision is most relevant for managed services contracts, but the principle applies broadly. If Optum won't accept performance-based pricing, ask why — and let the answer inform your evaluation.

Optum Real Governance Checklist

For organizations evaluating or piloting Optum Real, ask these questions before signing. Document the answers in writing.

QuestionWhy It MattersStatus
Who owns the coverage prediction AI models?Determines who controls the logic shaping your documentation behaviorAsk explicitly
How are the models trained, and on what data?Payor-side training data creates systematic bias toward payor approval criteriaAsk explicitly
How is "avoidable denial" defined in the product?Payor-defined vs. provider-defined metrics have very different implicationsAsk explicitly
What notice is provided for material model changes?Silent model updates can shift denial rates without warningRequire 90 days
Can providers override AI recommendations?Clinical autonomy protection — AI should assist, not mandateRequire explicitly
What are the data use limitations for your claims in Optum Real?Distinct from clearinghouse data use — Real processes clinical + claims togetherAsk explicitly
What are the performance benchmarks and remedies?80% denial reduction claim needs contractual backing to be meaningfulRequire SLA

Competitive Alternatives by Use Case

Use this table when evaluating Optum against alternatives or when negotiating — knowing your walk-away options changes the conversation.

Use CaseOptum / Change HCBest AlternativeKey Differentiator
ClearinghouseMarket leader, universal connectivityWaystar, AvailityNo parent-company conflict; comparable connectivity
Prior Auth AIOptum Real (pilot)Cohere Health, RhymeIndependent platforms; no payor alignment
Denial ManagementStrong, but conflict of interest on UHC denialsWaystar, Experian HealthNo payor ownership structure
RCM Managed ServicesFull-stack; deep payer relationshipsR1 RCM, Ensemble HealthIndependent from payor ecosystem
Analytics / DataUnmatched data depthArcadia, Navicure AnalyticsNo conflict; open data model
Payer Policy IntelligenceInternal data onlyAxlowReal-time policy search across all payers, no vendor bias

Negotiation Leverage Points

  1. 1
    The 2024 cyberattack is your opening

    Every provider organization has legitimate grievances from the 2024 outage — documented or not. Lead with business continuity requirements as non-negotiable. Optum knows this is a weak point and will concede here faster than on pricing.

  2. 2
    Document service failures during the Cloudmed integration

    Organizations that transitioned onto the combined platform during 2023–2024 have documented service gaps. Pull your denial rate data, AR aging, and call volume from that period. Documented performance degradation is contractual leverage.

  3. 3
    Use the conflict of interest as a governance ask, not an accusation

    Don't accuse Optum of bad faith — it comes across as adversarial and they'll dismiss it. Frame data governance and firewall attestation as standard due diligence for any vertically integrated vendor. You're not accusing them of wrongdoing; you're protecting your organization.

  4. 4
    Get a competing bid from Waystar or Availity before renewal

    You don't need to switch. You need Optum to know you've priced alternatives. A credible competing proposal — even one you don't intend to accept — is the most effective tool for driving contract improvements at renewal.

  5. 5
    Negotiate Optum Real governance now, before broad rollout

    Optum Real is still in early pilot. This is the window to establish AI governance provisions before they become standard contract boilerplate that Optum won't deviate from. Early adopters have leverage; late adopters take whatever terms are offered.