Sep 18, 2020
Why APIs are the infrastructure solution for modern insurance carriers
We lose more than $900 billion a year to waste in healthcare. Our leadership team examines how APIs are powering a new age of connected insurance experiences.
At Noyo, we believe APIs are best poised to deliver the future of health insurance, which is why we’ve built the first end-to-end solution connecting insurance carriers and benefits platforms. But why APIs? We asked our CEO, COO, and VP of Engineering to explore this exact question.
If digital transformation is on your mind, we promise you'll enjoy the conversation.
The opportunity
Shannon Goggin, Co-Founder & CEO, Noyo
Shannon, what's happening in the insurance industry that's motivating carriers to think differently about distribution?
Software is upending the way people are purchasing and engaging with their health insurance. Today, some of these new software models are online brokers, others make HR and payroll software sold directly to employers, and others assist traditional brokerages. In the future, we expect insurance data to become even more accessible to developers, leading to a new ecosystem of consumer and business applications.
We’ve already seen this happen in “fintech”, and the pace of change is rapidly accelerating in our space. This is driving new imperatives, and opportunities, for insurance companies, forcing them to adapt or risk being left behind.
When there’s risks, there’s often rewards. How should carriers think about adapting their systems? What opportunities lie ahead?
Insurers that delay the technical investments needed to capitalize on digital distribution are already being swept by fast-moving, nimble competitors.
Carriers need modern infrastructure to expand and protect their business. This means secure, efficient, and developer-friendly ways to exchange data with software platforms, and APIs have proven to be the best solution.
A similar revolution has taken place in financial services, which is why Noyo is often compared to Plaid in fintech.
What's happened is API infrastructure has led to massive improvements in consumer experiences. You can connect bank accounts instantly, explore transaction data, verify identities, and transfer funds all within an app.
And what we’re seeing now is traditional banks are embracing APIs and API partners as a way to quickly and securely connect financial data, but also because they need to keep customers from migrating away to newer, more innovative platforms.
What if you're a large carrier with a strong traditional distribution network? Is there the same imperative to adapt?
The reality is brokers are no longer the sole driver of how employers choose their benefits. Companies choose software to help run their businesses, from HR to payroll to benefits. These companies have a new and outsized impact on employers’ decisions about what benefits to offer, and they’re going to choose partners that provide the most seamless, connected experience. They also want to lower operations costs for their customers, and this is where traditional distribution models break down.
Security is also a major consideration. In a world of connected insurance, carriers need to be safe stewards of PHI while also enabling consumers to use the tools they choose. Outdated standards like EDI and other manual systems are not only error-prone, but they have many holes that can be exploited. Carriers that don’t update to modern standards pass those risks on to their partners.
What are some examples of new, modern health insurance experiences that APIs are enabling, where do you think this is all headed?
In the future, insurance will more frequently be embedded alongside other experiences. We’re already seeing this with all-in-one HR services. Companies like Rippling, Gusto, and Zenefits offer payroll, HR, and benefits tools all in one place. These are powerful, streamlined experiences that go well beyond insurance.
We can expect more innovation along this dimension. Imagine going to the doctor and having one app to check which doctors are available in your network, how much you’ve spent against your co-pay and deductibles, and what services are covered by your policy so you can make the best decision in the moment.
Insurance will be embedded into financial applications as well. Financial planning apps should be able to look at your health and life insurance and make recommendations on your annual savings and 401k contributions to keep you protected.
We lose more than $900 billion every year to waste in healthcare. APIs are enabling a new age of connected insurance so everyone has the right information when they need it.
The product impact
Dennis Lee, Co-Founder & COO, Noyo
Shannon described a lot of the opportunity that APIs present, but what are the limitations of today’s means of data transfer? Why can’t the status quo capture that opportunity?
In general, when a human person is a critical piece in any business process, there will always be a high error rate, and that means poor customer experiences.
For paper-based enrollments, which are now mostly PDF forms sent over email to a carrier inbox, we have seen carriers building operations teams to simply type that information back into their systems. It’s not hard to imagine why that’s expensive and rife with errors.
Perhaps even more ironic is when we see large technical investments to make an error-prone system more sophisticated like implementing OCR technology to automatically translate the text from pdfs and paper documents. No matter how robust the quality assurance process, if data exchanges multiple hands and relies heavily on human interpretation, the system won’t scale in the world of connected insurance.
Portal-based enrollments limit some of these manual processes for the carrier, but they don’t scale well with the one-to-many relationship benefits software platforms have enabled. Consumers want more options, and new software makes this possible. With portals, partners are asked to go into multiple carrier systems to manually enter the same demographic information over and over again. That means more opportunity for errors, and it places the operations burden on customers.
And what about EDI, the standard for the health insurance industry for so long?
File feeds (EDI 834 or other carrier specific file feeds) allow data to be automatically sent to the carrier on a regular cadence. If the goal is to quickly onboard new connections and provide a smooth customer experience, then this doesn’t scale either. Setting up file feeds is a time-intensive task for any engineering team. It takes weeks, and sometimes months, of work to stand up a single connection.
But the bar for modern standards is even higher. In addition to speed and accuracy, software platforms want transparency into the status of transactions, and they want those insights in real time. Carriers can benefit from this too. And this is where EDI is most limited.
EDI file feeds were intended for one-way communication. You're lucky as a platform partner if you have visibility into any changes that are made to a file at all, let alone have an efficient way to identify and resolve errors. And any team that works with EDI knows it can take days to reconcile trivial errors, which often leads to major delays in coverage.
So then from a technical perspective, what is the argument for APIs? Why are they poised to accelerate growth?
APIs (Application Programming Interface) are simply a standardized way for two applications to instantly exchange information. One of the reasons they’re so widely adopted is because of their flexibility. Any system capable of HTTP requests can exchange data with an API making it easy for developers to build connections, especially among fragmented platforms. APIs also enable powerful data operations and instant feedback loops, which leads to better insights and new capabilities.
For benefits administration specifically, here’s a few reasons why APIs are a catalyst for growth:
1) You can process transactions and onboard groups faster without ever having to rely on a person to re-enter data; eligibility data is transferred programmatically and can be instantly synced across any connected system.
2) APIs allow us to design upfront validations to immediately reject requests if something is missing or a business rule is not followed; you can essentially automate accuracy.
3) They provide a new level of transparency. APIs are like building blocks enabling you to query and manipulate data for almost any use case. They also allow very granular permissions so you can create more nuanced, secure systems.
4) Scale connections faster. Developers can set up connections between platforms in days, not weeks or months; APIs flexibly integrate with any carrier or benefits software system.
Ultimately, distribution platforms will want to partner with insurance companies that make processes easier, faster, and more transparent. APIs enable customers who are used to waiting weeks to confirm coverage to see their enrollments (and their member id) within seconds. That’s not future-state; that’s what Noyo enables today.
The developer experience
Peter Nagel, VP of Engineering, Noyo
Peter, both Shannon and Dennis mentioned the need for more secure connections. When it comes to security and compliance, how do APIs compare to other solutions?
Within health insurance infrastructure by far the most popular alternative to an API solution is a file-based exchange over SFTP. While APIs served over HTTPS and SFTP offer similar encryption via SSL/TLS and SSH respectively, APIs offer several additional benefits that result in a more secure solution.
The first benefit is that APIs offer more granular permissions. SFTP allows you to restrict who can access a folder and what operation they can perform (read vs. write). APIs allow you to provide the same permissions via access to specific endpoints and HTTP methods, but they also allow you to vary what fields are returned from a particular endpoint, which resources are accessible in a given endpoint, which attributes are available to be modified, and which actions can be taken on a resource.
To guard an SFTP server from bad actors the most common technique is to allow-list specific IP addresses from known partners. This particular protection is also available for APIs, but additionally there are well-tested solutions to protect your server from other attacks like DDOS using rate limiting and web application firewalls.
APIs are often described as a “flexible” solution that can plug-in to any system, what does that mean?
It will vary based on the API platform, but Noyo’s APIs can be integrated into a carrier’s system with much lower effort than a similar file-based solution. The main reason for this is that all actions are specific and discrete; you do not need to send us a full snapshot of a group in order to make a single change.
The way it works is you programmatically send individual requests to our API to get a member enrolled, update demographic information, or handle a qualifying life event. You have the ability to use data for a single carrier, a subset of groups, or for a single transaction type. Also, you immediately have the ability to pull data from the Noyo system even if you aren’t sending transactions yet.
What about the integration process itself, how do APIs compare to file feeds?
The main advantage of an API solution in terms of integration is rapid feedback. When working with file-based solutions like SFTP you often drop a file, wait for it to get picked up and processed, and if you’re lucky you will receive an error report on the SFTP or via email detailing any issues with your file. This is tedious and slow, and it requires additional work to match up the error report with the original data.
When working with an API, you receive a well structured error message in the HTTP response immediately after sending your request. These errors are timely and contextual making it much easier to track down what is wrong and how to fix it.
How would you describe the trade-offs in building API infrastructure yourself versus an integration partner like Noyo?
Making an API endpoint from your system available to the outside world is just the first of many steps in providing a true API product to your customers. Not to mention, the ongoing maintenance costs and business costs of growing adoption.
Noyo provides your partners with a number of powerful features. First, we make it easier for developers to integrate with easy to use documentation and a sandbox experience. We provide a full-featured API dashboard to view API activity, view data available via the API, and take action on data discrepancies that Noyo identifies between the platform and carrier.
Our team specializes in building robust API infrastructure, and we innovate on both the carrier and platform side. What we’ve built is a solution that any partner can plug into quickly so insurance companies can focus on what they do best.
Reach out to our team to learn more about Noyo's API solutions.