Accurate risk adjustment isn’t just a box to check anymore. It’s a strategic lever. Hierarchical Condition Category (HCC) coding underpins risk scores that drive Medicare Advantage and other value-based payments. With more than half of Medicare beneficiaries now enrolled in Medicare Advantage for 2025 (that equates to roughly 35.7 million people), precision in coding directly affects financial performance and compliance.
Many organizations with good intentions outsource HCC coding to third parties that promise scale and turnkey accuracy. But in practice, outsourcing can be costly, difficult, and risky. The good news? Recent advances in generative AI have made it significantly easier and safer to bring HCC coding in-house, lowering costs, and strengthening audit readiness.
The hidden costs (and risks) of outsourcing
The business model behind outsourced HCC coding creates misaligned incentives. In essence, you’re trading off higher spend for softer accuracy guarantees. Health plans can spend millions under per-chart pricing models, but vendors rarely provide the transparent, auditable evidence needed to show that coding accuracy is actually better.
Meanwhile, CMS estimates the FY2024 Part C (Medicare Advantage) payment error at $19.07 billion — a reminder that documentation gaps remain a systemic risk if you can’t see and defend every code.
What’s worse? Audit exposure sits with you, not the vendor. While CMS has mechanisms in place to claw back overpayments, including extrapolation, and when diagnoses aren’t supported in the chart, it’s not a perfect system. If an outsourced partner “pushes” codes, you keep the liability when auditors review the records, and they keep their fees.
Additionally, with most outsourced models, you ship protected health information (PHI) out and accept someone else’s thresholds, edit logic, and risk tolerance. That lack of control and transparency is a problem if CMS or a plan auditor asks “why was this HCC assigned?” and you can’t produce an explainable, defensible trail.
Changing regulatory targets
Imagine hiring a tax firm that charges 20% of your deductions instead of an hourly rate. They have every incentive to find more deductions and to push the envelope. If you get audited, you’re liable; they keep their cut. That’s the risk dynamic of many outsourced HCC models: vendors maximize near-term revenue, while you face the long-tail audit exposure.
In Medicare Advantage, the stakes are enormous. 2025 payments continue to rise as enrollment grows, intensifying scrutiny on the accuracy of risk scores and coding practices. Policy updates project ongoing payment increases tied partly to risk score changes, fueling further attention from CMS and watchdogs.
Regulators are making the risks even clearer. The Office of Inspector General (OIG) has repeatedly warned about diagnoses that come only from health risk assessments (HRAs) or chart reviews, but aren’t backed up anywhere else in the medical record. These kinds of codes raise payments but often don’t hold up under audit. In other words, you’re taking calculated regulatory risks if coding isn’t buttoned up.
The in-house alternative
Thanks to advances in generative AI, bringing HCC coding in-house can remedy many of these issues at a fraction of the cost and risk profile. Your organization — not a vendor — is in the driver’s seat when it comes to edit logic, thresholds, evidence requirements, and escalation paths. That means audit readiness is built into the design, with full provenance for every suggested and accepted code.
Think about it: You already employ clinical coders. When equipped with the right AI, they can pre-review charts, surface high-yield evidence, and accelerate second-level review easily without adding headcount. Perhaps most importantly, solutions that run inside your environment avoid sharing PHI while giving your team full observability.
A few years ago, “DIY” meant building a natural language processing (NLP) platform from scratch. Not anymore. New generative AI-powered HCC coding tools can be integrated into existing workflows to read messy, siloed, multimodal data, keep pace with evolving models, operate on-prem or in a private cloud environment, and let you customize to meet the needs of your own organization.
The safer, smarter path forward
Regulators have made their expectations clear. Unsupported diagnoses will be found and funds will be recovered. The OIG continues to spotlight vulnerable coding channels like HRAs and chart reviews when they’re not supported elsewhere in the medical record. And CMS’s Part C error-rate work shows billions at stake each year.
Outsourcing made sense when the technology gap was wide. That gap has since closed. Today, organizations can deploy AI-native HCC platforms behind their own firewall, tailor them to their compliance posture, and operate at a predictable per-patient cost, while staying audit-ready.
Risk adjustment is too strategic to leave outside your four walls. The future of HCC coding is in-house, and with a combination of generative AI and your own clinical coders, organizations can directly address each of these realities with control, transparency, and cost savings.
David Talby
David Talby is CEO for John Snow Labs.
