Skip to content
AID-2022-00022022critical

Cigna PxDx Batch Rubber-Stamp Denials

Cigna's PxDx system resulted in 300,000+ medical claims denials approved in batches at 1.2 seconds each without individual claim review.

Binding commitmentDeny-by-defaultHigh-risk approval gate

What happened

In 2022, Cigna's automated PxDx claims system generated denial recommendations for medical benefits requests. Company-employed doctors then signed off on these denials in batches, averaging approximately 1.2 seconds per decision without conducting any meaningful review of individual claims. The rubber-stamp approval process resulted in over 300,000 denials being committed and finalized. Nearly all affected patients failed to appeal, allowing the systematic harm to persist undetected until a 2023 ProPublica investigation exposed the practice. In March 2025, a California federal court allowed class action claims to proceed against Cigna.

What the agent did

Approved and committed 300,000+ insurance claims denials in batch processes, with human reviewers spending approximately 1.2 seconds per denial without reading individual claim files before finalizing the irreversible denials.

The irreversible effect

Over 300,000 insurance claims were wrongfully denied in 2022 and remained unchallenged for years; affected patients lost access to benefits unless they filed appeals or pursued litigation; systematic harm persisted undetected until external investigation; resulting class action litigation and regulatory scrutiny.

Root cause

Absence of mandatory approval gate requiring reviewers to spend measurable time and individually document their review of each claim before committing an irreversible denial; batch approval workflows allowed decisions to be finalized without meaningful human oversight; no audit trail recorded decision time, reviewer rationale, or per-claim review before commitment.

How a maker-checker control would have refused it

high_risk_requires_gate—if the denial commitment skill were designated as high-risk, any attempt to execute it would be refused on the proxy with the message: 'skill cannot run through the proxy; run it in a governed flow with a preceding approval gate'. This would force all denials through an approval gate that records the reviewer's identity, elapsed time between claim presentation and decision, and individual claim review, making batch rubber-stamp patterns visible and attributable in the audit trail rather than hidden in internal metrics.

Runnable reproduction

This incident ships as a runnable scenario in the open-source repository. Point the enforcement engine at the policy and watch the action get refused, with the refusal written to a signed audit record.

examples/cigna-pxdx-batch-rubber-stamp-denials

View the reproduction on GitHub →

Accuracy and corrections

This entry describes a publicly reported incident and is compiled from the primary sources listed above. Where an account is a legal allegation rather than an established finding, the entry labels it as such. Summaries can still contain errors. If you can document a correction, email hello@makerchecker.ai and we will review and correct it, with the change noted, within 14 days.

See it for yourself

Reading is one thing. Watch it block an agent.

One command starts the demo: an agent stopped from signing off its own work, and the signed evidence file an inspector can check for themselves.

Designed against the rules your auditors already enforce.