Cigna Group and Humana are once again discussing a merger that could create a $140 billion insurance giant, further consolidating the U.S. healthcare system. The talks are in preliminary stages after collapsing last December over disagreements about financial terms. FierceHealthcare notes that while discussions have resumed, no formal agreements have been made yet.

The stakes of this merger extend far beyond corporate boardrooms; it directly impacts millions of people's access to essential healthcare services and affordable medications. With Cigna’s Express Scripts commanding 24% of the PBM market and Humana operating the fourth-largest PBM with 8%, the merger raises serious questions about market concentration and its impact on healthcare affordability and accessibility.

Election Outcome Could Determine Merger’s Fate

The timing of the renewed merger talks between Cigna and Humana is no coincidence, occurring just weeks before a presidential election that could heavily influence the merger’s prospects. Bloomberg reports, Wall Street analysts believe that the deal's future hinges on the election outcome, with talks likely "only tangibly moving forward if Trump wins."

Under a Trump Administration, a more favorable regulatory environment might be expected given the GOP's general preference for deregulation. However, skepticism about large corporate mergers from Trump's base and running mate JD Vance complicates this picture. Vance has even praised current FTC Chair Lina Khan, saying she is "one of the few people in the Biden Administration who I think is doing a pretty good job," indicating a potentially less favorable view of healthcare consolidation than the GOP has historically maintained. On the other hand, a Harris Administration would likely continue the Biden Administration's stricter stance on healthcare consolidation, focusing particularly on protecting underserved and rural communities.

TD Cowen analyst Ryan Langston suggests that any formal merger announcement before the election is unlikely, further underscoring the centrality of the election to the deal’s future. Meanwhile, federal scrutiny of pharmacy benefit managers (PBMs) remains high, with the Federal Trade Commission (FTC) accusing the largest PBMs of using negotiation tactics that inflate drug costs, adding another layer of complexity to the regulatory landscape.

Understanding the Scale and Implications of the Proposed Merger

The proposed Cigna-Humana merger would unite two companies with largely complementary business models. Modern Healthcare reports that Cigna dominates in commercial coverage with 16.1 million members, while maintaining a smaller Medicare presence. In contrast, Humana has fewer than 600,000 commercial customers and is withdrawing from employer-sponsored insurance, while standing as the second-largest Medicare insurer with 8.8 million members.

This complementary structure could ease some antitrust concerns, but the combined PBM operations present a more complex challenge. The American Medical Association's (AMA) position on the CVS-Aetna merger highlighted similar concerns, noting that such consolidation can limit competition and reduce patient access to specialty drugs, which may parallel the challenges presented by this merger. Healthcare Huddle's analysis suggests that a merger would create a PBM entity large enough to rival market leader CVS Caremark, potentially controlling 32% of the market. Such concentration in the PBM space has already drawn scrutiny from regulators and policymakers.

To address regulatory hurdles, Cigna is planning to finalize the sale of its Medicare Advantage business to Health Care Service Corporation for $3.3 billion, a move that Modern Healthcare suggests could ease antitrust concerns by eliminating overlapping services. Meanwhile, Humana has faced challenges, with its value dropping nearly 40% this year due to declining Medicare plan enrollments and performance shortfalls resulting in the Centers for Medicare and Medicaid Services (CMS) downgrading their Medicare Advantage (MA) plans’ star ratings.

The combined entity would have a market capitalization of around $121 billion based on October 2024 valuations. While still smaller than UnitedHealth Group's $528 billion market cap, the merger would establish a stronger competitor across both the insurance and PBM markets, potentially reshaping competitive dynamics in the healthcare sector.

PBM Consolidation: Increased Scrutiny as FTC Takes a Stand

The potential merger's impact on pharmacy benefit management deserves particular attention, especially given recent FTC actions against PBMs. Currently, three PBMs control approximately 80% of the market, with Cigna's Express Scripts commanding about 24% and Humana's pharmacy division holding 8% market share, according to Bloomberg Law analysis.

The timing is particularly sensitive given the FTC's September 2024 administrative complaint against major PBMs. As previously reported by CANN, the FTC alleges these companies engaged in anticompetitive rebating practices that artificially inflated drug prices. The FTC investigation has revealed troubling practices, with PBMs frequently prioritizing higher rebates over lower net prices, leading to the exclusion of lower-cost alternatives and driving up drug prices. A combined Cigna-Humana PBM would control 32% of the market, potentially creating an entity large enough to rival market leader CVS Caremark.

This level of concentration raises serious concerns about negotiating power and drug pricing. Bloomberg Law notes that employer groups are particularly wary of the merger, fearing it could make an already complicated market even more opaque for health plans and potentially lead to higher costs for company health plans.

Impact on Healthcare Access and Specialty Care

Healthcare consolidation has long presented significant barriers for patients who rely on specialized care, including those living with chronic conditions like HIV. For example, patients often face more restrictive formularies, meaning fewer options for necessary medications, and increased prior authorization requirements, which can delay access to critical treatments. This is especially problematic for patients with chronic conditions like HIV, where timely and consistent access to specific medications is critical for maintaining health. Research published by Tufts Center for the Evaluation of Value and Risk in Health shows that consolidation often leads to restricted specialty care access, which can be particularly detrimental to people requiring ongoing care management. For instance, patients with cancer may find it harder to access specialized oncologists or newer, targeted therapies due to narrower provider networks and limited formularies. These barriers do more than inconvenience patients—they delay treatments, ultimately impacting patient outcomes.

The National Academy for State Health Policy (NASHP) reports that consolidated health systems frequently use their market power to implement restrictive contracts that can limit patient choice. These contracts often include clauses that prevent insurers from steering patients to higher-value care providers or limit the ability to negotiate better prices, ultimately restricting patient options and driving up healthcare costs. This can particularly impact people relying on specialty medications and services, like those living with HIV who need consistent access to specialists and specific drug regimens.

Consolidated systems often impose more stringent prior authorization requirements and narrower specialty pharmacy networks, as noted in the BMC Health Services Research study. The AMA highlights that merged entities often use their power to make access to specialty drugs more restrictive, which further limits patient options and exacerbates challenges for those needing specialized care. For people living with HIV, disruptions or delays in accessing antiretroviral medications could have serious health implications.

The combined entity's negotiating power could lead to more restricted provider networks. NASHP's research shows that consolidated entities often leverage market power to demand higher reimbursement rates, resulting in narrower networks that limit access to specialists, including HIV care providers.

Navigating Complex Regulatory Hurdles

The proposed Cigna-Humana merger faces significant regulatory scrutiny at both federal and state levels. The merger is likely to undergo a 12- to 24-month regulatory review, particularly given the current antitrust enforcement environment. Regulatory challenges are expected to include a detailed examination of the potential impact on competition, particularly in the PBM market, and whether the merger could lead to increased healthcare costs for consumers. The recent FTC crackdowns on healthcare companies, which could provide additional insights into the type of scrutiny expected during the review, particularly regarding anti-competitive practices and market concentration. Both the FTC and the U.S. Department of Justice are likely to scrutinize any potential overlap in services and demand divestitures to ensure that competition remains intact. Additionally, state-level reviews could require concessions to protect local markets from becoming overly concentrated.

Kaiser Family Foundation's analysis highlights how the FTC and Department of Justice have increased their focus on both horizontal and vertical integration effects. They now examine broader implications for healthcare costs and access, beyond direct market overlap.

State-level review adds another layer of complexity. KFF notes that 34 states and DC require notification of health insurance mergers, with 13 states requiring explicit approval. This multi-state review process could extend the timeline and require concessions to address state-level concerns.

Looking Ahead: Implications for Healthcare Access and Affordability

The proposed Cigna-Humana merger represents more than a business combination—it embodies the tension between market consolidation and healthcare accessibility. While the companies argue that their complementary business models could improve efficiency, the merger's impact on PBM market concentration and healthcare access demands careful scrutiny.

The immediate path forward hinges significantly on the November 5th election outcome, with analysts suggesting meaningful progress is unlikely before then. Beyond the election, the regulatory review process could extend into 2026, as federal and state regulators examine the merger’s implications for competition, drug pricing, and healthcare access.

For healthcare stakeholders, especially those relying on specialty care and medications, the merger’s outcome could significantly impact their care access and costs. The combined entity's expanded market power in both insurance and PBM sectors could reshape provider networks, prior authorization processes, and drug formulary designs.

Advocacy organizations and policymakers must carefully monitor and engage in the regulatory review process to ensure that any approved merger includes meaningful protections for healthcare access and affordability. The FTC’s current focus on PBM practices provides an important opportunity to address long-standing concerns about drug pricing and access in any merger approval conditions.

On February 21, 2024, the healthcare sector faced a seismic disruption when Change Healthcare, a cornerstone in the healthcare data exchange ecosystem, fell victim to a sophisticated cyberattack. Orchestrated by the notorious ransomware group known as ALPHV/Blackcat, this attack not only compromised the integrity of Change Healthcare's systems but also sent shockwaves across the entire healthcare landscape, affecting providers, insurers, and patients alike. Change Healthcare, now part of Optum under the umbrella of UnitedHealth Group thanks to a controversial $13 billon dollar acquisition, plays a central role in processing medical claims, verifying insurance eligibility, and facilitating electronic prescriptions for as many as half of all claims processed in the U.S. The immediate fallout from this cyberattack has spotlighted the fragility of our interconnected healthcare infrastructure and raised urgent questions about cybersecurity, patient care continuity, and the broader implications of healthcare consolidation.

As of March 6, 2024, the situation surrounding the Change Healthcare cyberattack remains critical. UnitedHealth Group has made strides in implementing workarounds and temporary solutions to restore some level of functionality to pharmacy, claims, and payment systems. While progress in providing temporary solutions is a positive development, the absence of a definitive timetable for fully restoring all affected services continues to pose significant challenges for providers, independent pharmacies, and patients alike. The financial strain on these entities persists, compounded by UnitedHealth Group's continued collection of patient premiums amidst the outage. With UnitedHealth Group's net worth standing at $433,790,000,000, the contrast between the corporation's financial standing and the ongoing struggles within the healthcare sector is stark, underscoring the urgent need for a comprehensive resolution to this unprecedented crisis.

Direct Impact on Patient Access and Care

The cyberattack on Change Healthcare has not only disrupted the healthcare data exchange ecosystem but has also led to significant patient distress and financial uncertainty. This crisis has been further compounded by the emergence of potential litigation from patients left to grapple with whether insurance will cover their treatments or medications. Patients, regardless of their plan type, are finding themselves at a heightened risk of incurring unexpected bills, exacerbating the already dire situation.

Take, for instance, the experience of Mara Furlich. Battling escalating Covid-19 symptoms and unable to get her claim processed due to the cyberattack, Furlich was forced to pay $1,600 out of pocket for Paxlovid. Similarly, one of the Community Access National Network’s (CANN) very own board members was confronted with a balance bill of over $2,000 from CVS Specialty Pharmacy for HIV medication when their Patient Assistance Program benefits were unable to be processed, illustrating the financial and access barriers erected by the cyberattack. This scenario, emblematic of the difficulties in processing Patient Assistance Programs (PAPs), underscores the significant disruptions to medication access, especially critical for managing chronic conditions.

Jen Laws, President & CEO of CANN, articulates the broader ramifications for people living with HIV (PLWH). "We've been in contact with our partners, including funders, to raise the concern around maintaining continuous access to care for PLWH, regardless of their payor," Jen states. "The reality is patients need to be aware their pharmacies, providers, and labs may be struggling to communicate and deliver timely service because of the sheer breadth of Change's reach."

This incident, alongside the litigation threats reported by Axios, underscores the acute disruptions to medication access and the financial jeopardy faced by patients. Kathy Oubre, CEO of Pontchartrain Cancer Center in Louisiana, shares similar concerns, noting the center has had to dispense drugs at risk due to the benefits verification process being down, leaving providers and patients "flying blind."

These developments signal a critical juncture in the healthcare sector's response to the cyberattack, highlighting the urgent need for systemic solutions to restore patient access to care and address the financial uncertainties exacerbated by this crisis.

The Role and Response of UnitedHealth Group

UnitedHealth Group found itself at the heart of this crisis. The conglomerate's response has been a blend of damage control and strategic measures aimed at mitigating the fallout. UnitedHealth Group's acknowledgment of the cyberattack was swift, with public assurances of their commitment to rectify the situation and restore full services. Part of their response has been the launch of a temporary financial assistance program, as outlined on UnitedHealth Group's website. This program, offering interest-free loans to affected healthcare providers, has been promoted as a means to ease the financial burden wrought by the cyberattack, facilitating the recovery of disrupted cash flows and delayed payments.

Yet, this initiative has not been universally welcomed. Criticism from the American Hospital Association (AHA) and other healthcare stakeholders has been vocal, with many decrying the financial assistance terms as burdensome, highlighting the disconnect between UnitedHealth's proposed solutions and the actual needs of the healthcare providers struggling in the cyberattack's aftermath.

The plight of Dr. Christine Meyer's primary care practice in Exton, PA, as reported by The New York Times, exemplifies the dire straits many healthcare providers find themselves in due to the cyberattack on Change Healthcare. Dr. Meyer's account of resorting to mailing "hundreds and hundreds" of pages of Medicare claims highlights the drastic measures providers are forced to take to navigate the bureaucratic maze in the absence of functional digital systems. The stark reality of having to consider cuts to essential services, like vaccine supplies, to conserve cash underscores the severity of the situation. Through Optum’s temporary funding assistance program, Dr. Meyer said she received a loan of $4,000, compared with the roughly half-million dollars she typically submits through Change. “That is less than 1 percent of my monthly claims and, adding insult to injury, the notice came with this big red font that said, you have to pay all of this back when this is resolved,” Dr. Meyer said. “It is all a joke.”

Moreover, UnitedHealth Group's continued collection of patient premiums amidst this turmoil has sparked further controversy, raising ethical questions about corporate responsibility versus profitability during a healthcare crisis. UnitedHealth Group's role in this crisis and its response to the cyberattack highlight the complex interplay between healthcare infrastructure, corporate governance, and patient care. As the healthcare sector navigates the aftermath of the cyberattack, the actions taken by UnitedHealth Group will likely continue to be a focal point for analysis and discussion, underscoring the need for robust, patient-centered solutions in the face of unprecedented challenges.

ADAPs and PAPs: Navigating the Cyberattack Crisis

The cyberattack has exposed the vulnerabilities of essential healthcare support systems, notably AIDS Drug Assistance Programs (ADAPs) and Patient Assistance Programs (PAPs). These programs, a critical safety net for providing vulnerable populations with access to necessary medications, have faced significant challenges in maintaining their operations amidst the cyberattack's disruptions.

In response, NASTAD issued guidance to ADAP administrators in an email, indicating that, due to delays in prescription fills caused by the outage, programs might need to temporarily cover medication costs directly, later seeking reimbursement from pharmacies. This measure, while ensuring that ADAP remains the 'payer of last resort,' highlights the operational and financial complexities these programs are navigating to keep access to care uninterrupted.

The repercussions of the cyberattack go beyond operational disruptions, threatening the very fabric of the healthcare safety net. The interim 'full pay' solution underscores the delicate balance between ensuring immediate access to medications and the long-term sustainability of these programs.

Amidst this crisis, the collective action of healthcare stakeholders is imperative. The NASTAD memo not only outlines immediate actions for ADAP administrators but also calls for widespread support to uphold these critical programs, encouraging ready communication to case managers and patients regarding the situation, status updates, and navigating alternative access to care as needed. As the sector continues to address the fallout from the cyberattack, the adaptability and resilience of ADAPs and PAPs are paramount in ensuring continuous care for those who depend on them most.

Reassessing Healthcare's "Too Big to Fail" Doctrine

This unprecedented disruption of critical services has exposed serious vulnerabilities associated with the healthcare sector's consolidation, particularly following UnitedHealth Group's acquisition of Change Healthcare. This event has reignited the debate over the "too big to fail" concept within healthcare, a concern that the Federal Trade Commission (FTC) had previously filed suit over due to potential risks of market dominance and a centralized point of failure.

The FTC's apprehensions about the merger highlighted fears of creating an overly centralized healthcare data exchange ecosystem, susceptible to significant disruptions from single points of failure. These theoretical concerns have been realized in the wake of the cyberattack, illustrating the tangible systemic risks of such consolidation. The incident underscores the precarious balance between efficiency gains through consolidation and the increased risk of widespread service disruptions. It should also seriously call into question prioritizing corporate profits and shareholder value over patient care and access.

The U.S. Department of Justice's recent launch of an antitrust investigation into UnitedHealth Group, as reported by The Wall Street Journal, adds a new layer to the ongoing debate. This investigation, focusing on UnitedHealth's expansive reach across the healthcare sector and its potential effects on competition and consumer choice, signals a critical moment in the U.S. government's efforts to address monopolistic consolidation practices within the healthcare industry.

Furthermore, the disproportionate impact on smaller entities, such as independent pharmacies and patient assistance programs, underlines the broader implications of healthcare consolidation. These challenges highlight the need for a healthcare infrastructure that values diversity and decentralization, fostering resilience against such cyber threats.

In light of the antitrust investigation and the fallout from the cyberattack, there's a pressing need for a comprehensive reassessment of healthcare consolidation trends. Strategic regulatory oversight, significant investments in cybersecurity, and comprehensive contingency planning are essential to mitigate the "too big to fail" risks. The healthcare system's integrity, resilience, and commitment to patient care in an increasingly digital age demand a vigilant approach to ensuring that consolidation does not compromise the sector's ability to serve the public effectively.

Call for Policy Intervention and Sector-wide Reforms

The cyberattack on Change Healthcare has catalyzed a unified call for urgent policy interventions and comprehensive sector-wide reforms from leading healthcare organizations, including the American Hospital Association (AHA) and the Medical Group Management Association (MGMA). These calls to action emphasize the critical need to fortify cybersecurity defenses, guarantee equitable patient access to care, and critically evaluate the prevailing trends of healthcare consolidation that have left the sector vulnerable.

The AHA has been at the forefront, advocating for robust support to help healthcare providers weather the storm caused by the cyberattack. Their public statement underscores the profound operational and financial challenges healthcare providers are facing, urging for greater flexibility from payers and governmental intervention to alleviate the crisis's immediate impacts.

Echoing this sentiment, the MGMA has highlighted the dire circumstances medical groups are navigating, as detailed in their communication to HHS Secretary Xavier Becerra. The association's plea for comprehensive support from the Department of Health and Human Services (HHS) reflects the broader necessity for guidance, financial aid, and regulatory leniency to ensure the sustainability of medical practices during these turbulent times.

Both organizations also spotlight the broader issue of healthcare consolidation, critiquing the increased centralization of healthcare services as a significant factor exacerbating the cyberattack's impact. This consolidation not only poses heightened cybersecurity risks but also threatens the diversity and resilience of the healthcare ecosystem. In response, there's a pressing demand for policy reforms that address both the immediate cybersecurity vulnerabilities and the long-term implications of healthcare consolidation, aiming to cultivate a more robust, diverse, and equitable healthcare system.

Urgent Calls to Action:

1. UnitedHealth Group must significantly expand its financial assistance program to offer real relief to the affected healthcare providers, pharmacies, and patients, ensuring the aid is substantial and derived from its vast resources, not at the expense of American taxpayers.

2. Regulatory bodies, including the FTC, must critically assess healthcare consolidation's impact, implementing measures to mitigate the risks of such centralization and prevent future vulnerabilities.

3. A united front of healthcare providers, associations, and advocacy groups is essential to demand accountability and transparency from UnitedHealth Group and similar entities, ensuring commitments to cybersecurity and continuity of care are upheld.

4. Legislators and policymakers are called upon to enact stringent cybersecurity regulations for the healthcare sector, emphasizing the need for comprehensive security protocols, consistent audits, and effective contingency planning.

5. A broader dialogue on healthcare consolidation's future is necessary, advocating for a healthcare model that prioritizes patient welfare, system resilience, and equitable access above corporate profitability.

In the wake of the Change Healthcare cyberattack, the path forward requires not just immediate remedial actions but also a deep, systemic reevaluation of the healthcare sector's structure and policies. It's time for decisive action and meaningful reform to ensure a secure, resilient healthcare system that serves the needs of all patients, safeguarding against future crises and fostering a healthcare environment where patient care is paramount.