For many Third Party Administrators (TPA), AI is becoming woven into claims processing, either as a tool they’ve adopted themselves or one required by the health plan client. Courts are beginning to scrutinize not just the outcome of a claim decision, but how AI may have shaped it. This scrutiny can create unexpected, material litigation exposure for healthcare TPAs, even when the AI tool wasn’t theirs to begin with.
Courts have already applied fiduciary theories to AI-driven coverage determinations
In Kisting-Leung v. Cigna Corp.,[1] plan participants alleged that Cigna’s use of an algorithm to make medical necessity determinations breached its fiduciary duty under ERISA. Cigna’s plan documents promised that a medical director, not an algorithm, would make those determinations. Cigna argued it was exercising discretionary authority to interpret plan terms when it adopted the algorithm. The court rejected that defense and held that plaintiffs adequately pled a breach of fiduciary duty by alleging Cigna violated the plan’s own terms when it entrusted medical necessity determinations to an algorithm instead of a medical director. This ruling came on a motion to dismiss, and the court allowed the fiduciary breach theory to proceed for plaintiffs who could plausibly allege their claims were processed through the algorithm.
For TPAs, if plan documents promise that a qualified person, not an AI or algorithmic tool, will make a coverage determination, deploying an AI system to functionally make that determination can be the fiduciary breach, independent of whether the system’s output happens to be accurate.
Assume your AI tools will be discoverable.
Once a claim denial is challenged, expect the AI tools involved to become a discovery target. Earlier this year, the federal court in Estate of Lokken v. UnitedHealth Group[2] ordered broad discovery into an AI claims tool, including how it was built, implemented and whether it was designed to replace independent human judgment. Specifically, the court ordered the production of documents and communications regarding the AI’s “development, design, creation, approval, implementation, and use” and the identities of individuals involved in the AI’s “development, design, creation, implementation, and approval.”
In Lokken, the court’s discovery analysis focused on how the AI tool was used to make coverage decisions. TPAs should anticipate that courts may take the same approach where the actual use, not formal ownership of the AI tool, will determine the scope of discovery. TPAs may not be able to prevent disclosure simply by pointing to a health plan client’s decision to require the AI tool.
Beyond AI targeted discovery requests, TPAs should also be aware of trade secret considerations. Insurers and TPAs have typically resisted producing details concerning claims evaluation tools by characterizing them as proprietary. Courts following the Estate of Lokken v. UnitedHealth Group rationale may find this argument unavailing.
The health plan required the AI claims tool, but the TPA is a named defendant.
Many TPAs use AI tools selected or required by their health plan clients, not built in-house. That does not reduce litigation risk. The entity that actually issues the denial is typically who gets named, regardless of who chose the tool.
TPAs should review their administrative services agreements for audit rights over any AI tool used in claims processing, indemnification tied to the tool’s use and performance, and clear allocation of liability between the TPA and the plan.
TPAs need to confirm whether their E&O insurance provides coverage.
Many management liability and errors & omissions (E&O) insurers are adding broad AI exclusions to their policies (learn more about this in our recent legal alert). Absolute AI exclusions present in management and professional liability policies are designed to disclaim coverage for any claim, loss or liability based on, arising out of or attributable to a company’s use of artificial intelligence. TPAs need to confirm the presence of AI exclusionary endorsements.
Looking Ahead
AI is quickly changing how claims decisions are made, and that shift may reshape how courts evaluate TPA liability. This is regardless of whether the TPA built the AI tool, licensed it or simply uses what is required by its health plan client. TPAs need to document human decisioning in the claim review process; secure contractual rights to the tool’s validation data, override rates and oversight records before a dispute arises, rather than learning about them for the first time in discovery. TPAs also should confirm whether their E&O coverage responds to this risk. TPAs that get ahead of these questions now will be better positioned than those addressing them for the first time in litigation.
If you have any questions about AI exposure for Health Plan TPAs, please contact Michael Gonzales or your regular Lathrop GPM attorney.
[1] Kisting-Leung v. Cigna Corp., 780 F. Supp. 3d 985, 1005 (E.D. Cal. 2025) (“Because plaintiffs have adequately alleged that defendants violated the plan terms when they entrusted medical necessity determinations to the PxDx algorithm, they have adequately plead a breach of fiduciary duty.”)
[2] Estate of Lokken v. UnitedHealth Group, Inc., No. 23-CV-3514 (JRT/SGE), 2026 WL 658883 (D. Minn. Mar. 9, 2026).