UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

FORM 10-K

For the fiscal year ended March 31, 2021

or

Commission file number: 001-12537

NEXTGEN HEALTHCARE, INC.

(Exact name of registrant as specified in its charter)

(404) 467-1500

(Registrant’s telephone number, including area code)

Securities registered pursuant to Section 12(b) of the Act:

Securities registered pursuant to Section 12(g) of the Act: None

Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes ☑ No ☐

Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act. Yes ☐ No ☑

Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes ☑ No ☐

Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§ 232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit). Yes ☑ No ☐

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” and “smaller reporting company,” and "emerging growth company" in Rule 12b-2 of the Exchange Act.

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.  ☐

Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report.  ☑

Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Act). Yes ☐ No ☑

The aggregate market value of the voting stock held by non-affiliates of the Registrant as of September 30, 2020: $704,935,000 (based on the closing sales price of the Registrant’s common stock as reported on the NASDAQ Global Select Market on that date of $12.74 per share)*

The Registrant has no non-voting common equity.

The number of outstanding shares of the Registrant’s common stock as of May 24, 2021 was 67,031,182 shares.

*     For purposes of this Annual Report on Form 10-K, in addition to those shareholders which fall within the definition of “affiliates” under Rule 405 of the Securities Act of 1933, as amended, holders of ten percent or more of the Registrant’s common stock are deemed to be affiliates for purposes of this Report.

DOCUMENTS INCORPORATED BY REFERENCE

NEXTGEN HEALTHCARE, INC.

TABLE OF CONTENTS

2021 ANNUAL REPORT ON FORM 10-K

Table of Contents

CAUTIONARY STATEMENT

This Annual Report on Form 10-K (this "Report") and certain information incorporated herein by reference contain forward-looking statements within the “safe harbor” provisions of the Private Securities Litigation Reform Act of 1995. All statements included or incorporated by reference in this Report, other than statements that are purely historical, are forward-looking statements. Words such as “anticipate,” “expect,” “intend,” “plan,” “believe,” “seek,” “estimate,” “will,” “should,” “would,” “could,” “may,” and similar expressions also identify forward-looking statements. These forward-looking statements include, without limitation, discussions of the impact of the COVID-19 pandemic and measures taken in response thereto, as well as our product development plans, business strategies, future operations, financial condition and prospects, developments in and the impacts of government regulation and legislation, and market factors influencing our results. Our expectations, beliefs, objectives, intentions and strategies regarding our future results are not guarantees of future performance and are subject to risks and uncertainties, both foreseen and unforeseen, that could cause actual results to differ materially from results contemplated in our forward-looking statements. These risks and uncertainties include, but are not limited to, our ability to continue to develop new products and increase systems sales in markets characterized by rapid technological evolution, consolidation, and competition from larger, better-capitalized competitors. Many other economic, competitive, governmental and technological factors could affect our ability to achieve our goals, and interested persons are urged to review the risk factors discussed in “Item 1A. Risk Factors” of this Report, as well as in our other public disclosures and filings with the Securities and Exchange Commission (“SEC”). Because of these risk factors, as well as other variables affecting our financial condition and results of operations, past financial performance may not be a reliable indicator of future performance and historical trends should not be used to anticipate results or trends in future periods. We assume no obligation to update any forward-looking statements. You are cautioned not to place undue reliance on forward-looking statements, which speak only as of the date of the filing of this Report. Each of the terms “NextGen Healthcare,” “NextGen,” “we,” “us,” “our,” or the “Company” as used throughout this Report refers collectively to NextGen Healthcare, Inc. and its wholly-owned subsidiaries, unless otherwise indicated.

3

Table of Contents

PART I

ITEM 1. BUSINESS

Company Overview

NextGen Healthcare is a leading provider of software and services that empower ambulatory healthcare practices to manage the risk and complexity of delivering care in the rapidly evolving U.S. healthcare system. Our combination of technological breadth, depth and domain expertise makes us a preferred solution provider and trusted advisor for our clients. In addition to highly configurable core clinical and financial capabilities, our portfolio includes tightly integrated solutions that deliver on ambulatory healthcare imperatives including: population health, care management, patient outreach, telemedicine, and nationwide clinical information exchange.

We serve clients across all 50 states. Over 100,000 providers use NextGen Healthcare solutions to deliver care in nearly every medical specialty in a wide variety of practice models including accountable care organizations (“ACOs”), independent physician associations (“IPAs”), managed service organizations (“MSOs”), Veterans Service Organizations (“VSOs”), and Dental Service Organizations (“DSOs”). Our clients include some of the largest and most progressive multi-specialty groups in the country. With the addition of behavioral health to our medical and oral health capabilities, we continue to extend our share not only in Federally Qualified Health Centers (“FQHCs”), but also in the growing integrated care market.

NextGen Healthcare has historically enhanced our offering through both organic and inorganic activities. In October 2015, we divested our former Hospital Solutions division to focus exclusively on the ambulatory marketplace. In January 2016, we acquired HealthFusion Holdings, Inc. and its cloud-based electronic health record and practice management solution. In April 2017, we acquired Entrada, Inc. and its cloud-based, mobile platform for clinical documentation and collaboration. In August 2017, we acquired EagleDream Health, Inc. and its cloud-based population health analytics solution. In January 2018, we acquired Inforth Technologies for its specialty-focused clinical content. In October 2019, we acquired Topaz Information Systems, LLC for its behavioral health solutions. In December 2019, we acquired Medfusion, Inc. for its Patient Experience Platform (i.e., patient portal, self-scheduling, and patient pay) capabilities and OTTO Health, LLC for its integrated virtual care solutions, notably telemedicine. The integration of these acquired technologies has made NextGen Healthcare’s solutions among the most comprehensive in the market.

Our company was incorporated in California in 1974. Previously named Quality Systems, Inc., we changed our corporate name to NextGen Healthcare, Inc. in September 2018. Our principal executive offices are located at 3525 Piedmont Rd., NE, Building 6, Suite 700, Atlanta, Georgia, and our principal website is www.nextgen.com. We operate on a fiscal year ending on March 31.

Industry and Regulatory Background, Market Opportunity, and Trends

Over the last decade, the ambulatory healthcare market has experienced significant regulatory change, which has driven the need for improved technology to enable practice transformation. Recognizing it was imperative to digitize the U.S. health system to stem the escalating cost of healthcare and improve the quality of care being delivered, Congress enacted the Health Information Technology for Economic and Clinical Health Act in 2009 (“HITECH Act”). The legislation stimulated healthcare organizations to not only adopt electronic health records, but to use them to collect discrete data that could be used to drive quality care. This standardization supported early pay-for-reporting and pay-for-performance programs.

In 2010, the Affordable Care Act (“ACA”) established the roadmap for shifting American healthcare from volume (fee-for-service) to a value-based care (“VBC”) system that rewards improved outcomes at lower costs (fee-for-value). This was followed by the Medicare Access and CHIP Reauthorization Act of 2015 (“MACRA”), bipartisan legislation that further changed the way Medicare rewards clinicians for value vs. volume. Initially focused on government-funded care, the domain of the Centers for Medicare & Medicaid Services (“CMS”), these programs are now firmly established on the commercial insurance side of the industry as well.

Importantly, the introduction of VBC programs was only an element of the broader approach to reducing healthcare expenditure. The drive to reduce costs initially led to consolidation in the healthcare system that was followed by a significant shift of care from the inpatient to lower cost outpatient setting. Among other factors, consumerism is set to play a major role in driving volume increases outside of the hospital. In addition, providers continue to seek new tools and means to connect with patients in new ways. Patients are expecting care to be personalized and tailored to their preferences and are seeking much greater transparency about the costs for visits, medications, and procedures as well as improved convenience and access to care. Along with the continued expansion of telehealth, there will be growth in technologies which facilitate the digital connection between patient and provider.

The need to sustain revenue has made it extremely important for practices to secure their patient market share, elevating patient loyalty to a significant determinant of provider success. In addition to being loyal, groups participating in value-based contracts realized that patients also needed to be engaged in their care and interested in improving their own health. The need to attract, retain and engage patients has made patient experience one of the most important aspects of evolving care delivery in the United States. Capturing patient market share and thriving in a market driven by VBC requires both an integrated platform and a full view of the patient population’s clinical and cost data, neither of which could be accomplished without new technologies to collect and analyze multi-sourced patient data. Effectively implemented, these new technologies allow

4

Table of Contents

organizations to enhance financial viability while exercising the freedom to join, affiliate, integrate or interoperate in ways that maximize strategic control.

Although the HITECH Act led to the meaningful adoption of electronic health records, many in the healthcare industry were dissatisfied with the level of exchange of health information between different providers and across different software platforms. With the passing of the MACRA law in 2015, the U.S. Congress declared it a national objective to achieve widespread exchange of health information through interoperable certified electronic health records (“EHR") technology. Then, in December 2016, the 21st Century Cures Act (“Cures Act”) was passed and signed into law. Among many other policies, the law includes numerous provisions intended to encourage nationwide interoperability.

In January 2020, the U.S. Department of Health and Human Services (“HHS”) officially declared that a public health emergency (“PHE”) existed as a result of the COVID-19 pandemic. Then, in March and April 2020, HHS issued a series of rules and orders to offer healthcare providers flexibility or waivers from certain regulatory requirements during the PHE.  

Among other changes, HHS and the Centers for Medicare and Medicaid Services (“CMS”) eliminated the patient geographic and originating site restrictions for Medicare telehealth services that outside of the PHE restrict the services to patients in rural geographic areas who are physically present at a healthcare facility at the time of service.  Other flexibilities authorized CMS to reimburse telehealth visits at the same payment rates as in-person office visits during the PHE.  State Medicaid programs and commercial insurers instituted similar policies to promote virtual visits as an alternative to in-person care during the pandemic.  

Now, looking beyond the eventual end of the PHE, Congress is considering legislation that would make some of these temporary telehealth policies permanent. In April 2021, bipartisan legislation was introduced in both the U.S. House of Representatives and the U.S. Senate that would permanently expand Medicare’s telehealth services program to all geographies and allow patients to receive services from their homes.

In March 2020, the HHS Office of the National Coordinator for Health Information Technology (“ONC”) released a final regulation which implements the key interoperability provisions included in the Cures Act. The rule calls on developers of certified EHRs to adopt standardized application programming interfaces (“APIs”) and to meet a list of other new certification and maintenance of certification requirements in order to retain approved federal government certification status.

The ONC rule also implements the information blocking provisions of the Cures Act, including identifying reasonable and necessary activities that do not constitute information blocking. Under the Cures Act, HHS has the regulatory authority to investigate and assess civil monetary penalties of up to $1,000,000 against certified HIT developers found to be in violation of “information blocking.”

The $2.2 trillion Coronavirus Aid, Relief, and Economic Security Act ("CARES Act”) was signed into law in late March 2020.  While this law created the “Paycheck Protection Program” for small businesses, which would include many physician groups, the CARES Act also increased funding for the Public Health and Social Services Emergency Fund by $127 billion, with $100 billion of that earmarked to reimburse eligible hospitals and healthcare providers for healthcare-related expenses or lost revenues not otherwise reimbursed that are directly attributable to COVID-19. The law also provided $1.32 billion in supplemental funding to community health centers.

The Consolidated Appropriations Act, 2021 was passed by Congress and signed into law in December 2020. This $2.3 trillion legislative package combines the $1.4 trillion fiscal year 2021 appropriations bills with a $900 billion coronavirus aid package. The law adds $3 billion in additional funding for HHS’s Provider Relief Fund, which was established by the CARES Act (March 2020) and previously funded with $175 billion to reimburse providers for healthcare related expenses and lost revenue attributable to the pandemic. The law also provides a three-year extension (federal fiscal years 2021, 2022, 2023) of federal grant funding for community health centers and provides $4.25 billion in supplemental grant funding for substance abuse disorder, mental health, and behavioral health programs run by HHS’s Substance Abuse and Mental Health Services Administration (“SAMHSA”).  Support for telehealth services was included through provisions that permanently remove Medicare’s patient geographic and site limitations and an appropriation of $250 million for the Federal Communications Commission’s (“FCC’s”) COVID-19 Telehealth Program, which grants non-profit healthcare providers financial support to implement telehealth solutions.

In March 2021, President Joe Biden signed into law the $1.9 trillion American Rescue Plan Act. This legislation includes additional coronavirus-related relief measures and is the latest in a series of pandemic-related aid legislation enacted since March 2020. Among other provisions, this law provides $7.6 billion in supplemental federal grant funding for FQHCs. As a comparison, the CARES Act provided $1.3 billion in supplemental federal grant funding for FQHCs. In addition, this law provides $3.5 billion in funding for block grant programs that address mental health and substance use disorders and are administered by HHS’s SAMHSA.  

The new regulations will require significant compliance efforts for not only HIT companies, networks, and exchanges, but also for healthcare providers. However, the Cures Act also creates opportunities for improving care delivery and outcomes through increased data exchange between providers and easier patient access to their own health information. Key to unlocking these benefits is the introduction of new Fast Healthcare Interoperability Resources (“FHIR”) standards, which ONC requires certified HIT companies to adopt through APIs. Meanwhile, CMS is requiring hospitals to provide electronic admission, discharge and transfer notification to other healthcare facilities, providers and designated care team members. All healthcare providers are required to comply with the information blocking rules as of the initial April 5, 2021 compliance date.  As of December 31, 2022, providers participating in federal programs that require the use of certified HIT will need to use the new “2015 Edition

5

Table of Contents

Cures Update” certified version of EHR software to comply with the Cures Act certification requirements. Through enhanced interoperability functionality and standardized APIs, the Spring ‘21 release of NextGen® Enterprise will help healthcare providers meet these dual mandates included in the Cures Act.

Refer also to the discussion of regulatory risks within “Item 1A. Risk Factors” for governmental regulations and policies that may affect our business.

Through the expansion of our NextGen® Share interoperability services platform and API partner marketplace, we will address the increased demand for moving and sharing patient data from the EHR easily, quickly and securely. Interoperability improves patient experience and care coordination, enhances patient safety, and reduces costs. We are also expanding resources such as educational webinars, blogs and videos on interoperability to help educate and support healthcare providers.

In recent years, there has been incremental investment to improve the delivery of behavioral healthcare. One of the central drivers of this investment has been the opioid epidemic which claims more than 80,000 lives a year in the United States. The integrated care model prevalent in FQHCs, a model which calls for integration of behavioral health and primary care in single care settings, has also gained momentum. Both behavioral health and the integrated care workflows require broad, purpose built, tailored HIT capabilities, many of which are supported by the NextGen Healthcare platform. As a result of the COVID-19 pandemic, ambulatory practices have come to appreciate the importance of business continuity, particularly in administrative business functions which are non-core to medical care and may turn to NextGen Healthcare more often for managed services.

COVID-19 Pandemic

In late 2019, the emergence of a novel coronavirus, or COVID-19, was reported and in January 2020, the World Health Organization (“WHO”), declared it a Public Health Emergency of International Concern. In March 2020, the WHO escalated COVID-19 as a pandemic. We proactively responded to the pandemic by creating an executive task force to monitor the COVID-19 situation daily and immediately restricted non-essential travel and migrated to a fully remote workforce while maintaining complete operational effectiveness.

The need to access care while still social distancing was addressed early on with the limited use of telemedicine (also known as virtual visits) and was energized when the federal government reduced regulatory barriers and addressed payment parity between virtual and in-person visits. With these tailwinds, telemedicine quickly became regarded as a safer way for patients and providers to engage each other while also relieving economic pressure on the medical practice. We believe that the uptake of telemedicine will transcend COVID-19 and that virtual visits will become a permanent and important change in the way care is delivered. Keeping patients out of the transit system, out of the waiting room and away from other sick patients is simply good medicine.

Since the mid-March 2020 timing of government orders to shelter in place and restrict non-essential medical services, the COVID-19 pandemic caused declines in patient volume. This negatively impacted our revenue in the fourth quarter of fiscal 2020, most notably for purchases of software and hardware. The impact of the disruption also impacted the first half of fiscal 2021, primarily in managed services and EDI, which are volume driven. During this challenging and uncertain period, we made some important decisions, including cost reduction activities with a primary goal of preserving cash and protecting the employee base. Most of these cost reductions were temporary as we believed that preserving our employee base, organizational momentum, and robust capabilities was the right decision for the Company and our shareholders. As the impact of the pandemic and related restrictive measures began to subside in the second half of fiscal 2021, patient volume has returned to close to pre-pandemic levels, and thus revenue returned to more normal levels. At present, we are conducting business as usual with certain modifications to employee travel, employee work locations, and marketing events, among other modifications. We continue to monitor the broader implications of the global COVID-19 pandemic and may take further actions that we determine are in the best interests of our employees, customers, partners, suppliers, and shareholders.

Our Strategy

We empower the transformation of ambulatory care by delivering solutions that enable groups to be successful under all models of care, including emerging value-based care models that include down-side risk. We primarily serve organizations that provide care in an ambulatory setting and do so across diverse practice sizes, specialties, and business models.  Furthermore, we support the advances in integrated care that focuses on the whole person. Our platform is uniquely positioned to successfully enable our clients to expand access to care, enhance the coordination and management of care, and optimize patient outcomes through an integrated medical record that extends across their medical, mental, and oral health and care needs.

Effective and frictionless interoperability is essential to all models of care. Our experience powering many of the nation’s Health Information Exchanges (“HIE’s”) places us in a unique position to enable our clients to leverage this technology to lower the cost of care and improve the patient and provider experience by providing an integrated community patient record.

Patient experience is directly correlated to patient engagement and an engaged patient is a key to positive outcomes. Today’s patient is also an active consumer of their healthcare, each searching for the best experience. Our platform enables our clients to create a personalized care experience that enhances trust and drives patient loyalty.

6

Table of Contents

Our longstanding success in the ambulatory market has enabled us to build significant expertise across many relevant disciples that are clients actively request. We partner with our clients to operate and optimize their IT systems and operations, enhance revenue cycle processes, service line expansion and operations, as well as advise on long-term strategy.

As one of the leading healthcare information technology players in the U.S. ambulatory marketplace, we plan to continue investing in our current capabilities as well as building and/or acquiring new capabilities as we guide our clients through the market’s transformation. We expect to continue to empower the transformation of care through the following strategic priorities:

Our Solutions

NextGen Healthcare’s software and services-based solutions are aligned with our clients’ strategic imperatives (refer to top row in the image below). The foundation for our integrated ambulatory care platform is a core of our industry-leading electronic health records (“EHR”) and practice management (“PM”) systems that support clinical and financial activities. These can be deployed on premise or in the cloud. Our primary cloud infrastructure provider is Amazon Web Services (“AWS”). We optimize the core with an automation and workflow layer that gives our clients control over how platform capabilities are implemented to drive their desired outcomes. The workflow layer includes mobile capabilities proven to reduce physician burden. Our cloud-based population health and analytics engine allows our clients to improve results in both fee-for-service and fee-for-value environments. In support of extensibility, we surround the core with open, web-based APIs to drive the secure exchange of health and patient data with connected health solutions. Finally, to ensure our clients get maximum value from our solutions, we have augmented our technology with key services aligned with their needs, helping to ensure they reach their organizational goals.  

7

Table of Contents

Patient Engagement Solutions boost loyalty and improve outcomes by engaging patients in their own care. Our Patient Experience Platform empowers patients to manage their own health through direct patient-provider messaging, online scheduling, automated reminders, easy payment options, and virtual visits. The ability of patients to handle their own scheduling and billing frees provider staff, restoring valuable time.

NextGen® PxP Portal – Drives patient engagement and satisfaction with easy, intuitive, 24/7 access to payments, scheduling, complete personal health information, and communication. It facilitates and simplifies comprehensive information exchange, offering anytime, anywhere access from PCs, tablets, and smart phones.

NextGen® Patient Self Scheduling – A fully-integrated self-scheduling application that empowers patients to schedule the visit that works best for them with configurations that allow the practice to control virtually every facet of that interaction from visit-specific screening questions to provider-specific scheduling preferences. 

NextGen® Pay – Allows patients one integrated solution that delivers an integrated point of sale, credit card on file, automated payment collection, online and mobile compatible automated phone pay and kiosk payments.

NextGen Virtual Visits™ – Delivers a tightly integrated, bi-directional telehealth experience that allows patients to have a virtual visit with their own provider’s care team. The solution allows for screen-sharing, document passing, in-visit chat, one-touch access to interpretive services, and a "no-login" experience for patients. 

Clinical Care Solutions improve the quality and efficiency of care delivery as well as the patient and provider experience. They significantly ease the administrative burden and enable the delivery of high quality, personalized care. Providers can automate patient intake, streamline clinical workflows, and leverage vendor-agnostic interoperability to achieve quality measures and qualify for incentives.

NextGen® Enterprise EHR – Our electronic health records solution stores and maintains clinical patient information and offers a workflow module, prescription management, automatic document and letter generation, patient education, referral tracking, interfaces to billing and lab systems, physician alerts and reminders, and reporting and data analysis tools. Recognized as the #1 Electronic Medical Record (EMR) (11-75 Physicians) in the 2021 Best in KLAS Report.

NextGen® Mobile – Enables physicians and other caregivers to quickly and easily create relevant documentation within the EHR without sacrificing productivity. A true EHR mobile experience, the platform provides a fast, easy way for caregivers to view and share real-time clinical content and complete key tasks directly from their mobile device.

NextGen® Office – A cloud-based EHR and PM solution for physicians and medical billing services designed to meet the specific needs of smaller practices.

NextGen® Behavioral Health Suite – This platform integrates comprehensive physical, behavioral, and oral health in one software solution. This solution includes packet navigation, content for residential treatment programs, and electronic medication administration record (eMAR) and bed board solutions. Supported by a team of subject matter experts, this solution also provides automation, effortless interoperability, and analytics-driven medical and behavioral health workflows.  

NextGen® Orthopedic Suite – This offering supports orthopedic providers with tools, capabilities, and comprehensive ortho-specific clinical content that’s configurable to individual treatment preferences. The solution also includes point-and-click documentation of injury, exams, goals, treatments, and plans with image-enabled integrated PACS.

QSIDental Web® and QSIDental PM® – Provides dental group practices with secure and scalable, cloud-based clinical and practice management solutions. Clinical features include ePrescribing, mobile access to schedules, charts and patient demographics, template clinical notes, perio charting and referral management. Practice management solutions offer online patient registration, electronic claims submission and multiple-office appointment scheduling from any location.

Financial Management Solutions are comprised of software and provides key analytics that allow clients to drive healthy, predictable financial outcomes. More than just billing and collection services, financial management involves all functions that effectively capture revenue at the lowest cost, while providing an efficient experience for the patient. Financial management solutions help practices improve performance and correct operational inefficiencies, while enhancing the practice’s financial outcomes throughout the revenue cycle.

NextGen® Enterprise PM – Our practice management offering is a seamlessly integrated, scalable, multi-module solution that includes a master patient index, enterprise-wide appointment scheduling with referral tracking, and clinical support. It was recognized as the #1 Practice Management Solution (11-75 Physicians) for three consecutive years - 2019, 2020 and 2021 Best in KLAS Report.

NextGen® Clearinghouse Solutions – Automates the exchange of electronic data among providers, payers and patients. Included in this offering are insurance eligibility, authorizations, electronic claims, remittance, patient appointment reminders, and electronic statements.

8

Table of Contents

Population Health Solutions enable our clients’ practices to focus their clinical workforce on the patients with the greatest need. We do this by providing a single source of truth by aggregating disparate data, including vendor-agnostic clinical data with paid claims data. Sophisticated analytics are applied to this data to generate insights that enable practices to improve the quality of care, identify high risk patients who require enriched services, and coordinate the care of patients with chronic conditions. Cost and utilization analytics allow practices to successfully participate in risk-bearing contracts by providing timely insights into areas of over-utilization, under-utilization and mis-utilization of healthcare resources.

NextGen® Population Health Core – Delivers robust capabilities for core population health insights using integrated clinical and claims data to support both broad and deep analysis for populations of interest (attribute visualization, risk stratification, gaps in care, etc.).

NextGen® Population Health Value Management – Supports proactive value-based contract management including in-network utilization management network design (geospatial view of network), clinical variation analysis, and a wide range of resource utilization metrics.

NextGen® Population Health Patient Care Management – Enables scalable management of care and payment reform initiatives driven by collaborative care and workflow automation. Stratifies risk and prioritizes resources. The platform provides a dynamic patient specific care plan builder as well as a longitudinal care management record, and dedicated care management future reminder and tasking tools. A unique feature of our offering includes analytics driven patient outreach facilitating care coordinators’ ability to automate communications with patients based on quality initiatives and value-based contract commitments.

Connected Health Solutions enable better care by ensuring the patient and provider are making decisions based on the patient’s full medical record. Interoperability is the ability of different information technology systems to communicate and exchange usable data. In healthcare, it enables caregivers to more effectively work together within and across organizational boundaries, and informed patients to be better equipped to collaborate on their own care. To provide the highest quality care at the lowest cost, organizations must capture and share information both within and across organizational boundaries outside their networks. In addition, interoperability must be frictionless and easy to implement or the opportunity to inform patient care will be missed. Our integrated, interoperable solutions and services enable providers to leverage their current technology for better outcomes and truly connected patient care.

NextGen® Connect Integration Engine – Enables patient data from disparate systems to be easily and securely shared, aggregated, and put to work, regardless of EHR, PM, or other HIT platform or location.

NextGen® Share – A broad and expanding suite of plug-and-play interoperability solutions which help NextGen® Enterprise EHR users safely and securely exchange clinical content with external providers and organizations. The platform includes support for secure direct messaging with more than 1.2 million providers and organizations, care quality integration to enable automated data exchange on behalf of nearly 240 million patients, and clinical data exchange interfaces with payers.

NextGen® Health Data Hub (HDH) – A fully redesigned data aggregation platform to meet the expanding market demand for robust data sharing, aggregation, and community access. HDH was built from the ground-up to provide comprehensive, continuous access to aggregated patient health data on a robust, reliable, platform that will enable system-wide connectivity, and support the growing enterprise data management needs for HIEs, hospitals and large ambulatory practices.

NextGen Healthcare provides real-world solutions to our clients to help them achieve their strategic objectives. Often, but not always, those software solutions are augmented with key services. Through these services we enable clients to perform better financially and focus on their primary mission of providing efficient and high-quality patient care. We believe COVID-19 will increase client appetite to outsource non-core services and that NextGen Healthcare is well-positioned to be their partner in these areas.

Managed Services

NextGen® Managed Cloud Services – Our scalable, cloud hosting services reduce the burden of information technology expertise from our clients and speed implementations, simplify upgrades, cut technology costs significantly and provide 24/7 monitoring and support by a broad and constantly expanding team of technical experts

NextGen® Revenue Cycle Management Services – Includes billing and collections, electronic claims submission and denials management, electronic remittance and payment posting and accounts receivable follow-up. Our dedicated account management model helps make NextGen Healthcare a top-performing provider of RCMS as reported in the 2020 KLAS Ambulatory RCM Services Report.

Professional Services – Services include training, project management, functional and detailed specification preparation, configuration, testing, and installation services. Our consulting services, which include physician, professional, and technical consulting, assisting clients to optimize their staffing and software solutions, enhance financial and clinical outcomes, achieve regulatory requirements in the drive to value-based care, and meet the evolving requirements of healthcare reform.

9

Table of Contents

Client Service and Support – Our technical services staff provides support for the dependable and timely resolution of technical inquiries from clients. Such inquiries are made via telephone, email and the internet. We offer several levels of support, with the most comprehensive service covering 24 hours a day, seven days a week.

Proprietary Rights

We rely on a combination of patents, copyrights, trademarks, service marks, trade secrets, and contractual restrictions to establish and protect proprietary rights in our products and services. To protect our proprietary rights, we enter into confidentiality agreements and invention assignment agreements with our employees with whom such controls are relevant. In addition, we include intellectual property protective provisions in our client and other third-party contracts and control access to software, documentation and other proprietary information. However, because the software industry is characterized by rapid technological change, we believe such factors as the technological and creative skills of our personnel, new product developments, frequent product enhancements, name recognition, and reliable product maintenance are more important to establishing and maintaining a technology leadership position than the various legal protections of our technology.

We rely on intellectual property obtained from third parties for certain components of our products and services. These components enhance our products and services and help meet evolving client needs. The failure to license any necessary technology, or to maintain our existing licenses, could result in reduced functionality of or reduced demand for our products.

Although we believe our products and services, and other proprietary rights, do not infringe upon the proprietary rights of third parties, third parties may assert intellectual property infringement claims against us in the future. Any such claims may result in costly, time-consuming litigation and may require us to enter into royalty or cross-license arrangements.

Competition

The markets for healthcare information systems and services are intensely competitive and highly fragmented. Our traditional full-suite competitors in the healthcare information systems and services market include: Allscripts Healthcare Solutions, Inc., athenahealth, Inc., Cerner Corporation, eClinicalWorks, Epic Systems Corporation, and Greenway Health, LLC. Emerging smaller competitors also bring competition in specific sectors of the market. Additionally, we face competition from services-only competitors like business process outsourcers, hosting providers and transcription companies.

The EHR, PM, interoperability, and connectivity markets, in particular, are subject to rapid changes in technology. We expect that competition in these market segments could increase as new competitors enter the market. We believe our principal competitive advantages are our ambulatory-only focus, our comprehensive and fully-integrated solution, and our deep domain expertise, which enables our subject matter experts to serve as trusted advisors to our clients.

Privacy and Security

Our business operations involve hosting, storing, processing and transmitting confidential information including patient health information and payment card information. In addition to single-tenant environments, we operate unified, multi-tenant platforms that offer reliability, scalability, performance, security and privacy for our clients. Our infrastructure resides in several geographically diverse regions across the United States. We maintain a comprehensive security program designed to help safeguard the confidentiality, integrity and availability of our clients’ data, which includes both organizational and technical control measures and the security and privacy of our service offerings. We also have systems in place to monitor the safety of patient information as well as procedures designed to take immediate action in the event of a security incident.

We have the industry’s most well-respected certifications starting with Health Information Trust Alliance (“HITRUST”) Common Security Framework (“CSF”), which provides a process to standardize Health Insurance Portability and Accountability Act (“HIPAA”) compliance and coordinate it with other national and international data security frameworks and many state laws. We also maintain Payment Card Industry Data Security Standard (“PCI-DSS”) Level 1 Service Provider, which allows us to minimize our clients’ PCI scope. In addition, we are a DirectTrust Health Information Service Provider (“HISP”) while maintaining compliance with Security Organization Control 2, or SOC 2 Type II, across the domains of Privacy, Security, Confidentiality, and Availability. These audits and certifications help with our client’s third-party assurance programs to ensure we are meeting or exceeding HIPAA and other regulatory guidelines.

While we have implemented physical, technical, and administrative safeguards designed to help protect our systems, in the event of a system interruption, security incident, or breach, these safeguards may not prevent future cybersecurity incidents or breaches. We have a comprehensive and documented Information Security Management Program designed to secure the data within our infrastructure and provide appropriate reporting disclosure, and response which also includes testing for assurance. In addition, all of our associates are required to complete annual cybersecurity training, HIPAA training, and PCI DSS training. These training modules are reviewed annually to ensure compliance with the latest regulatory guidelines, laws, and industry best practices. All policies and procedures are made available to all employees through a Company intranet, and acknowledgement of these is required at time of hire. Our Privacy Policy is made available for our customers on a public facing website.

10

Table of Contents

Managing Cybersecurity Risks

Our business operations involve hosting, storing, processing and transmitting confidential information including patient health information. We have implemented physical, technical, and administrative safeguards designed to help protect our systems, in the event of a system interruption, security incident, or breach. However, these safeguards may not prevent future cybersecurity incidents or breaches. We have a comprehensive and documented Information Security Management Program designed to secure the data within our infrastructure and provide appropriate reporting disclosure, and response. Some incidents require us to notify our clients, executive team, and our Board of Directors. This notification process is documented and tested.

We have a comprehensive training and awareness program which includes on-going awareness simulations, required training, supplemental training and cross-functional incident response testing. In addition, all of our associates are required to complete annual cybersecurity training, HIPAA training, and PCI DSS training. These training modules are reviewed annually to ensure compliance with the latest regulatory guidelines, laws, and industry best practices. Training modules include information on how our associates can ensure they are meeting our security requirements while working in a remote environment.

Risk assessment is the component of our internal control environment that involves identifying and analyzing risks (both internal and external) relevant to achieving business objectives. We have implemented operational processes to identify and manage risks that could affect our availability to provide reliable services. These processes require management to identify significant risks inherent in providing services for clients and to implement appropriate measures to monitor and manage these risks. Annually, we re-evaluate and determine appropriate amounts of cybersecurity insurance required based on business and privacy impact assessments. A bona fide annual risk assessment, per HIPAA guidelines, is performed and validated by a third‐party company. The third‐party assessor conducts interviews with key stakeholders and performs penetration testing, evidence collection and on‐site analysis. Formal rating systems determine if remediation strategies are warranted, and if so, a remediation plan is enacted. This report is reviewed and approved by the Chief Information Security Office (“CISO”) and reported to the appropriate upper management and Board of Directors. Meetings are conducted by the information systems team weekly to review and identify risks through the change management process. Meetings are held to ensure that projects, risks, compliance, federal regulations and personnel are in line with Company goals regarding security and compliance. Continuity and resiliency planning are based on National Institute of Standards and Technology (“NIST”) cybersecurity best practices and tested no less than annually.

A comprehensive assurance program is maintained with oversight by our CISO, which is included with the company procurement gating process.  Administrative and technical assessments are conducted prior to contract signing with any third-party.  On-going risk-based reviews are conducted and reported to executive leadership. The Company’s control consciousness is influenced significantly by its Board of Directors and Audit Committee. While the management of our business is delegated to the management team, the Board of Directors oversees management’s execution of the Company’s business activities.

Research and Development

The healthcare information systems and services industry is characterized by rapid technological change, requiring us to engage in continuing investments in our research and development to update, enhance and improve our systems. This includes expansion of our software and service offerings that support pay-for-performance and value-based contracting initiatives around accountable care organizations, bringing greater ease of use and intuitiveness to our software products, enhancing our managed cloud and hosting services to lower our clients' total cost of ownership, expanding our interoperability and enterprise analytics capabilities, and furthering development and enhancements of our portfolio of specialty-focused templates within our electronic health records software.

Sales and Marketing

We sell and market our products primarily through a direct sales force and to a significantly lesser extent, through a reseller channel. NextGen Healthcare also provides solutions to networks of practices such as MSOs, IPAs, ACOs, ambulatory care centers (“ACCs”), and community health centers (“CHCs”). Our direct sales force is comprised of sales executives and account executives, who seek to understand the client strategy and identify the opportunities in their practice and build both a multistage roadmap to reach the desired end state. For large clients, we use both inside and outside sales where efforts are a mix of on-site as well as web based. For smaller clients, efforts are all inside sales via web and phone, all of whom deliver presentations to potential clients by demonstrating our systems and capabilities either on prospective client’s premises or through video meeting and web-based presentations. System demonstrations for mobile workflow and analytics solutions are more web-based as these offerings tend to be targeted to larger practices. Both the direct and reseller channel salesforces concentrate on multi-product/solution sales opportunities. Our sales and marketing employees identify prospective clients through a variety of means, including: a healthcare data and analytics platform, search engine optimization and value exchange content on nextgen.com; digital advertising; direct mail and email campaigns; referrals from existing clients and industry consultants; contacts at professional society meetings and trade shows (online and in person); webinars; public relations and social media campaigns; and telemarketing. Resources have shifted more heavily to digital marketing as we meet potential clients where they are and how they shop for services. Additionally, we focus on thought leadership and content marketing to highlight our industry knowledge, expertise and the successes of our diverse client base. On the larger end of the range, our sales cycle can vary significantly and typically ranges from six to 18 months from initial contact to contract

11

Table of Contents

execution. Smaller practices on NextGen Office tend to have significantly shorter sales cycles ranging in weeks. Historically, software licenses were delivered to clients upon receipt of an order and we received up-front licensing fees. Implementation and training services are typically rendered based on a mutually agreed upon timetable. Moving forward, we expect more of our transactions to move to subscriptions. Clients have the option to purchase hosting and maintenance services, which are invoiced on a monthly, quarterly or annual basis. Subscriptions are delivered electronically after the agreement is signed. They generally include implementation and are typically billed monthly after implementation or based on volume or throughput. We continue to concentrate our direct sales and marketing efforts on the ambulatory market from large multi-specialty organizations to small-single specialty practices in high-opportunity specialty segments.

We have numerous clients and do not believe that the loss of any single client would adversely affect us. No client accounted for 10% or more of our net revenue during each of the years ended March 31, 2021, 2020 and 2019. In addition, software license sales to resellers represented less than 10% of total revenue for each of the years ended March 31, 2021, 2020 and 2019. Substantially all of our clients are located in the United States.

Human Capital

Workforce Statistics

As of March 31, 2021, NextGen Healthcare had approximately 2,564 full-time employees, approximately 714 of whom were based in Bangalore, India with the remainder located in the United States. None of our employees are covered by a collective bargaining agreement or are represented by a labor union.

Talent Recruitment

We recognize and value our employees as unique contributors through their entire journey at NextGen Healthcare. As such, we have a thoughtful and tailored approach to attracting, developing and retaining talent. We seek highly qualified applicants from a variety of sources with an increased focus on recruiting diverse talent. To ensure transparency and with a desire to mitigate bias, we conduct panel and round robin interviews for hiring and promotion. Discover NextGen, our adventure-based onboarding experience, provides a deep and broad picture of the organization with recognition that employees’ first few weeks on the job potentially cement their commitment to the company and culture.

Talent Retention and Development

We provide a career framework for our employees enabling their career development either within a single career track or through the ability to traverse multiple career ladders as they refine or optimize their development. Our Talent Community connects interested employees with internal functional subject matter experts to share job information including knowledge and skills required for advancement. We are committed to developing our employees through a culture of learning. We maintain an organizational development group focused on all aspects of employee development, including management and leadership through our LEAD framework and skill building. We also sponsor 24/7 on-demand training for employee certifications and relevant career-based skillsets and provide education reimbursement for continued education.

Diversity

We recognize our responsibility and strategic opportunity to champion varied viewpoints, culture and expertise. Our Diversity, Equity & Inclusion strategy includes goals around recruiting, retaining and developing diverse employees and leaders in the Company. Our Employee Resource Groups (“ERGs”) focus their efforts on career, culture, market and community. These ERGs include: AAPI (Asian American Pacific Islander), ABLED (Awareness Benefiting Leadership & Employees About Disabilities), beiNG (Black Equity and Inclusion at NextGen), Cultural Diversity, Generational and Allies, LatinX. LGBTQ+, Military/Veterans and Allies, Remote Engagement, Working Parents, and Women-In-Tech. Our ERGs communicate directly with senior leadership through Listening Sessions with our CEO and other C-level executives. We also provide and promote employee training on harassment prevention, cultivating a respectful workplace and elimination of unconscious bias. We regularly engage with our Board of Directors on strategies, participation, and impact of these initiatives.

Employee Compensation

In recognition of the competitive talent landscape, we have a standing subcommittee on Total Rewards. Our comprehensive approach to compensation includes performance-based merit and bonus rewards. Additionally, long term incentives, 401(k) plan and match, and the Employee Stock Purchase Plan round out our reward strategy. To ensure we support pay equity, we conduct compensation analyses semi-annually in alignment with pay equity training for managers.

Culture and Engagement

NextGen Healthcare understands the vital importance of engaged employees to create a high potential community. We closely track our engagement and culture scores through an annual VOTE (Voice of The Employee) survey and on a monthly basis through our Employee Experience Monitor. We provide our team members with safe and confidential channels to voice concerns and receive a response and ensure they have access to members of our executive leadership team. Employees receive training on ethics and our code of conduct, including how to make reports on our ethics hotline. Our regularly

12

Table of Contents

scheduled Town Halls with all employees have become a vital part of our culture of community building. Our Board of Directors receive regular updates on employee engagement and satisfaction issues.

We believe that supporting community and volunteer service among our employees builds a strong culture and caring leaders. Each year, we sponsor NextGen Days of Caring during which our employees can volunteer for external charitable organizations. Our NextGen Cares program also allows employees to donate vacation time to help colleagues who have experienced natural disaster or tragedy. We also encourage our employees to participate in volunteer activities by providing the benefit of paid time off to volunteer through our Volunteer Time Off program.

Our Bangalore development center in India, under the leadership of its Corporate Social Responsibility Committee, conducts community relations activities every quarter to advance and support women’s empowerment, improve health, support education and help fight poverty.

Health & Safety

Our health and welfare plans reflect our desire to support our employees in a holistic way. Our healthcare plans are the cornerstone of the program, supplemented with additional insurance, an Employee Assistance Program, and time off plans including PTO, sick leave and parental leave. We also support our employees’ well-being through an integrated online platform that offers a variety of ‘campuses’ such as Family Care, Financial, New Hire, Wellness and Life Events. The campuses provide resources and access to certain programs/benefits relating to childcare, children of aging parents, gym membership, health coaching and more.

COVID-19

Our immediate and most pressing concern regarding the COVID-19 pandemic was and continues to be the safety and well-being of our employees and their families. Commencing in March 2020, we implemented immediate safety measures to protect our employees, including transitioning the vast majority of our employees to remote work and implementing policies and procedures to protect the health and safety of our employees who have continued on-site work. Our virtual business productivity team keeps our employees engaged with resources to help adapt to working remotely, remain productive and avoid burnout. Our business continuity health and safety team regularly share information and guidance on all pandemic updates through our internal health and safety communication channel.

Available Information

Our principal website is www.nextgen.com. We make our periodic and current reports, together with amendments to these reports, filed or furnished pursuant to Section 13(a) or 15(d) of the Securities Exchange Act of 1934, as amended, available on our website, free of charge, as soon as reasonably practicable after such material is electronically filed with, or furnished to, the SEC. You may access such filings through our Investor Relations website at http://investor.nextgen.com. The SEC maintains an internet site at www.sec.gov that contains the reports, proxy statements and other information that we file electronically with the SEC. Our website and the information contained therein or connected thereto is not intended to be incorporated into this Report or any other report or information we file with the SEC. We also use the following social media channels as a means of disclosing information about the company, our platform, our planned financial and other announcements and attendance at upcoming investor and industry conferences:

We encourage our investors and others to review the information we make public in these locations as such information could be deemed to be material information. Please note that this list may be updated from time to time.

13

Table of Contents

ITEM 1A. RISK FACTORS

You should carefully consider the risks described below, as well as the other cautionary statements and risks described elsewhere and the other information contained in this Report and in our other filings with the SEC, including subsequent Quarterly Reports on Form 10-Q and Current Reports on Form 8-K. We operate in a rapidly changing environment that involves a number of risks. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties not presently known to us or that we currently deem immaterial may also affect our business operations. If any of these known or unknown risks actually occur, our business, financial condition or results of operations could be materially and adversely affected, in which case the trading price of our common stock may decline and you may lose all or part of your investment.

Risks Related to COVID-19

The novel coronavirus (“COVID-19”) pandemic has adversely impacted and could continue to adversely impact the business, results of operations, financial condition, liquidity and cash flows of us and our clients. The COVID-19 global pandemic and efforts to control its spread have had an ongoing impact on our operations, including India where we have significant operations, as well as on the operations of our healthcare clients. For example, commencing in March 2020, the COVID-19 pandemic caused declines in patient volumes, which negatively impacted our revenue in the fourth quarter of fiscal 2020, most notably for purchases of software and hardware. The impact of the disruption also impacted the first half of fiscal 2021, primarily in managed services and EDI, which are volume driven.

We may experience further negative financial impact due to a number of factors, including without limitation:

The extent to which the COVID-19 pandemic will continue to impact our financial condition and results of operations will depend on future developments, which are highly uncertain and difficult to predict, including but not limited to the duration and severity of the pandemic, resurgences or additional “waves” of outbreaks of the virus in various jurisdictions (including new strains or mutations of the virus), the impact of the pandemic on economic activity, the actions taken by health authorities and policy makers to contain its impacts on public health and the global economy, and the effectiveness of vaccines. Even after the COVID-19 pandemic has subsided, we may experience material adverse impacts to our business as a result of the global or U.S. economic impact and any recession that has occurred or may occur in the future. Additionally, concerns over the economic impact of the COVID-19 pandemic have caused extreme volatility in financial and capital markets which has and may continue to adversely impact our stock price and may adversely impact our ability to access capital markets. The COVID-19 pandemic may also have the effect of heightening many of the other risks described below, such as those relating to our products and services, sales cycles and implementation schedules, the retention of key employees, financial performance and debt obligations.

Risks Related to Our Business

We face significant, evolving competition which, if we fail to properly address, could adversely affect our business, results of operations, financial condition and price of our stock. The markets for healthcare information systems are intensely competitive, and we face significant competition from a number of different sources. Several of our competitors have substantially greater name recognition and financial, technical, product development and marketing resources than we do. Some of our larger competitors, who have greater scale than we do, have and may continue to become more active in our markets both through internal development and acquisitions. Moreover, we expect that competition will continue to increase as a result of potential incentives provided by government programs and as a result of consolidation in both the IT and healthcare industries. Transaction induced pressures, or other related factors may result in price erosion or other negative market dynamics that could adversely affect our business, results of operations, financial condition and price of our stock.

Competitive pressures and other factors, such as new product introductions by us or our competitors, may result in price or market share erosion that could adversely affect our business, results of operations and financial condition. There can be no assurance that we will be successful in developing and marketing new products that respond to technological changes or evolving industry standards. If we are unable, for technological or other reasons, to develop and introduce new products in a timely manner in response or user needs to changing market conditions or client requirements, our business, results of

14

Table of Contents

operations and financial condition may be adversely affected. Also, there can be no assurance that our applications will achieve broad market acceptance or will successfully compete with other available software products. If we fail to distinguish our offerings from other options available to healthcare providers, the demand for and market share of our offerings may decrease. In response to increasing market demand, we are currently developing new generations of targeted software products. There can be no assurance that we will successfully develop these new software products or that these products will operate successfully, or that any such development, even if successful, will be completed concurrently with or prior to introduction of competing products. Any such failure or delay could adversely affect our competitive position or could make our current products obsolete.

Saturation or consolidation in the healthcare industry could result in the loss of existing clients, a reduction in our potential client base and downward pressure on the prices for our products and services. As the healthcare information systems market evolves, saturation of this market with our products or our competitors' products could limit our revenues and opportunities for growth. There has also been increasing consolidation amongst healthcare industry participants in recent years, creating integrated healthcare delivery systems with greater market power. As provider networks and managed care organizations consolidate, the number of market participants decreases and competition to provide products and services like ours will become more intense. Our inability to make initial sales of our systems to, or maintain relationships with, newly formed groups and/or healthcare providers that are replacing or substantially modifying their healthcare information systems, or, if we were forced to reduce our prices, could adversely affect our business, results of operations and financial condition.

Uncertainty in global economic and political conditions may negatively impact our business, operating results or financial condition. Global economic and political uncertainty have caused in the past, and may cause in the future, unfavorable business conditions such as a general tightening in the credit markets, lower levels of liquidity, increases in the rates of default and bankruptcy and extreme volatility in credit, equity and fixed income markets. These macroeconomic conditions could negatively affect our business, operating results or financial condition in a number of ways. Instability can make it difficult for our clients, our vendors, and us to accurately forecast and plan future business activities and could cause constrained spending on our products and services, delays and a lengthening of our sales cycles and/or difficulty in collection of our accounts receivable. Current or potential clients may be unable to fund software purchases, which could cause them to delay, decrease or cancel purchases of our products and services or to not pay us or to delay paying us for previously purchased products and services. Our clients may cease business operations or conduct business on a greatly reduced basis. Bankruptcies or similar insolvency events affecting our clients may cause us to incur bad debt expense at levels higher than historically anticipated. Further, economic instability could limit our ability to access the capital markets at a time when we would like, or need, to raise capital, which could have an impact on our ability to react to changing business conditions or new opportunities. Finally, our investment portfolio is generally subject to general credit, liquidity, counterparty, market and interest rate risks that may be exacerbated by these global financial conditions. If the banking system or the fixed income, credit or equity markets deteriorate or remain volatile, our investment portfolio may be impacted and the values and liquidity of our investments could be adversely affected as well.

Our relationships with strategic partners may fail to benefit us as expected. We face risk and/or the possibility of claims from activities related to strategic partners, which could be expensive and time-consuming, divert personnel and other resources from our business and result in adverse publicity that could harm our business. We rely on third parties to provide services for our business. These third parties could raise their prices and/or be acquired by our competitors, which could potentially create short and long-term disruptions to our business, negatively impacting our revenue, profit and/or stock price. We also have relationships with certain third parties where these third parties serve as sales channels through which we generate a portion of our revenue. Due to these third-party relationships, we could be subject to claims as a result of the activities, products, or services of these third-party service providers even though we were not directly involved in the circumstances leading to those claims. Even if these claims do not result in liability to us, defending and investigating these claims could be expensive and time-consuming, divert personnel and other resources from our business and result in adverse publicity that could harm our business. In addition, our strategic partners may compete with us in some or all of the markets in which we operate.

We have acquired companies, and may engage in future acquisitions, which may be expensive, time consuming, subject to inherent risks and from which we may not realize anticipated benefits. Historically, we have acquired numerous businesses, technologies, and products. We may acquire additional businesses, technologies and products if we determine that these additional businesses, technologies and products are likely to serve our strategic goals. Acquisitions have inherent risks, which may have a material adverse effect on our business, financial condition, operating results or prospects, including, but not limited to the following: (i) failure to achieve projected synergies and performance targets; (ii) potentially dilutive issuances of our securities, the incurrence of debt and contingent liabilities and amortization expenses related to intangible assets with indefinite useful lives, which could adversely affect our results of operations and financial condition; (iii) using cash as acquisition currency may adversely affect interest or investment income, which may in turn adversely affect our earnings and /or earnings per share; (iv) unanticipated expenses or difficulty in fully or effectively integrating or retaining the acquired technologies, software products, services, business practices, management teams or personnel, which would prevent us from realizing the intended benefits of the acquisition; (v) failure to maintain uniform standard controls, policies and procedures across acquired businesses; (vi) difficulty in predicting and responding to issues related to product transition such as development, distribution and client support; (vii) the assumption of known and unknown liabilities; (viii) the possibility that the due diligence process in any such acquisition may not completely identify material issues associated with product quality, product architecture, product development, intellectual property issues, regulatory risks,

15

Table of Contents

compliance risks, key personnel issues or legal and financial contingencies, including any deficiencies in internal controls and procedures and the costs associated with remedying such deficiencies; and (ix) the possibility that acquired assets become impaired, or that acquired assets lead us to determine that existing assets become impaired, requiring us to take a charge to earnings which could be significant. A failure to successfully integrate acquired businesses or technology could, for any of these reasons, have an adverse effect on our financial condition and results of operations.

Our failure to manage growth could harm our business, results of operations and financial condition. We have in the past experienced periods of growth which have placed, and may continue to place, a significant strain on our non-cash resources. We have also expanded our overall software development, marketing, sales, client management and implementation and training capacity, and may do so in the future. In the event we are unable to identify, hire, train and retain qualified individuals in such capacities within a reasonable timeframe, such failure could have an adverse effect on the operation of our business. The failure of our management to effectively manage expansion in our business could have an adverse effect on our business, results of operations and financial condition.

We may experience reduced revenues and/or be forced to reduce our prices. We may be subject to pricing pressures with respect to our future sales arising from various sources, including amount other things, government action affecting reimbursement levels. Our clients and the other entities with which we have business relationships are affected by changes in statutes, regulations, and limitations on government spending for Medicare, Medicaid, and other programs. Recent government actions and future legislative and administrative changes could limit government spending for Medicare and Medicaid programs, limit payments to healthcare providers, increase emphasis on competition, impose price controls, initiate new and expanded value-based reimbursement programs and create other programs that potentially could have an adverse effect on our business. If we experience significant downward pricing pressure, our revenues may decline along with our ability to absorb overhead costs, which may leave our business less profitable.

Our operations are dependent upon attracting and retaining key personnel. If such personnel were to leave unexpectedly, we may not be able to execute our business plan. Our future performance depends in significant part upon the continued service of our key development and senior management personnel and successful recruitment of new talent. These personnel have specialized knowledge and skills with respect to our business and our industry. The industry in which we operate is characterized by a high level of employee mobility and aggressive recruiting of skilled personnel. There can be no assurance that our current employees will continue to work for us. Loss of services of key employees could have an adverse effect on our business, results of operations and financial condition. Furthermore, we may need to grant additional equity incentives to key employees and provide other forms of incentive compensation to attract and retain such key personnel. Equity incentives may be dilutive to our per share financial performance. Failure to provide such types of incentive compensation could jeopardize our recruitment and retention capabilities.

We may be subject to harassment or discrimination claims and legal proceedings, and our inability or failure to respond to and effectively manage publicity related to such claims could adversely impact our business. Our Code of Business Conduct and Ethics and other employment policies prohibit harassment and discrimination in the workplace, in sexual or in any other form. We have ongoing programs for workplace training and compliance, and we investigate and take disciplinary action with respect to alleged violations. However, actions by our employees could violate those policies. With the increased use of social media platforms, including blogs, chat platforms, social media websites, and other forms of Internet-based communications that allow individuals access to a broad audience, there has been an increase in the speed and accessibility of information dissemination. The dissemination of information via social media, including information about alleged harassment, discrimination or other claims, could harm our business, brand, reputation, financial condition, and results of operations, regardless of the information's accuracy.

If we are unable to manage our growth in the new markets we may enter, our business and financial results could suffer. Our future financial results will depend in part on our ability to profitably manage our business in new markets that we may enter. We are engaging in the strategic identification of, and competition for, growth and expansion opportunities in new markets or offerings, including but not limited to the areas of interoperability, patient engagements, data analytics and population health. With several of our recent acquisitions, we have expanded into the market for cloud-based EHR products. It remains uncertain whether the market for cloud-based products will expand to the levels of demand and market acceptance we anticipate, and there can be no assurance that we will be able to successfully scale the acquired companies’ products to meet our clients’ expectations. In addition, as clients move from fee-for-service to fee-for-value reimbursement strategies in conjunction with the adoption of population health business models, we may not make appropriate and timely changes to our service offerings consistent with shifts in market demands and expectations. In order to successfully execute on our growth initiatives, we will need to, among other things, manage changing business conditions, anticipate and react to changes in the regulatory environment, and develop expertise in areas outside of our business's traditional core competencies. Difficulties in managing future growth in new markets could have a significant negative impact on our business, financial condition and results of operations.

16

Table of Contents

We may not be successful in developing or launching our new software products and services, which could have a negative impact on our financial condition and results of operations. We invest significant resources in the research and development of new and enhanced software products and services. Over the last few years we have incurred, and will continue to incur, significant internal research and development expenses, a portion of which have been and may continue to be recorded as capitalized software costs. We cannot provide assurances that we will be successful in our efforts to plan, develop, sell or implement new software products that meet client expectations, which could result in an impairment of the value of the related capitalized software costs, an adverse effect on our financial condition and operating results and a negative impact the future of our business. Additionally, we cannot be assured that we will continue to capitalize software development costs to the same extent as we have done to date, as the result of changes in development methodologies and other factors. To the extent that we capitalize a lower percentage of total software development costs, our earnings could be reduced.

We have substantial development and other operations in India, and we use offshore third-party partners located in India and other countries that subject us to regulatory, economic, social and political uncertainties in India and to laws applicable to U.S. companies operating overseas. We are subject to several risks associated with having a portion of our assets and operations located in India and by using third party service providers in India and other countries. Many U.S. companies have benefited from many policies of the Government of India and the Indian state governments in the states in which we operate, which are designed to promote foreign investment generally and the business process services industry in particular, including significant tax incentives, relaxation of regulatory restrictions, liberalized import and export duties and preferential rules on foreign investment and repatriation. There is no assurance that such policies will continue. Various factors, such as changes in the current Government of India, could trigger significant changes in India’s economic liberalization and deregulation policies and disrupt business and economic conditions in India generally and our business in particular. In addition, our financial performance and the market price of our common stock may be adversely affected by general economic conditions and economic and fiscal policy in India, including changes in exchange rates and controls, interest rates and taxation policies, as well as social stability and political, economic or diplomatic developments affecting India in the future. In particular, India has experienced significant economic growth over the last several years, but faces major challenges in sustaining that growth in the years ahead. These challenges include the need for substantial infrastructure development and improving access to healthcare and education. Our ability to recruit, train and retain qualified employees, develop and operate our captive facility could be adversely affected if India does not successfully meet these challenges. In addition, U.S. governing authorities may pressure us to perform work domestically rather than using offshore resources. Furthermore, local laws and customs in India may differ from those in the U.S. For example, it may be a local custom for businesses to engage in practices that are prohibited by our internal policies and procedures or U.S. laws and regulations applicable to us, such as the Foreign Corrupt Practices Act (“FCPA”). The FCPA generally prohibits U.S. companies from giving or offering money, gifts, or anything of value to a foreign official to obtain or retain business and requires businesses to make and keep accurate books and records and a system of internal accounting controls. We cannot guarantee that our employees, contractors, and agents will comply with all of our FCPA compliance policies and procedures. If we or our employees, contractors, or agents fail to comply with the requirements of the FCPA or similar legislation, government authorities in the U.S. and elsewhere could seek to impose civil or criminal fines and penalties which could have a material adverse effect on our business, operating results, and financial condition.

We face the risks and uncertainties that are associated with litigation and investigations, which may adversely impact our marketing, distract management and have a negative impact upon our business, results of operations and financial condition. We face the risks associated with litigation and investigations concerning the operation of our business, including claims by clients regarding product and contract disputes, by other third parties asserting infringement of intellectual property rights, by current and former employees regarding certain employment matters, by certain shareholders, and by governmental and regulatory bodies for failures to comply with applicable laws. The uncertainty associated with substantial unresolved disputes may have an adverse effect on our business. In particular, such disputes could impair our relationships with existing clients and our ability to obtain new clients. Defending litigation and investigative matters may require substantial cost and may result in a diversion of management's time and attention away from business operations, which could have an adverse effect on our business, results of operations and financial condition.

Commencing in April 2017, we have received requests for documents and information from the United States Attorney's Office for the District of Vermont and other government agencies in connection with an investigation concerning the certification we obtained for our software under the United States Department of Health and Human Services' Electronic Health Record (EHR) Incentive Program. The requests for information relate to, among other things: (a) data used to determine objectives and measures under the Meaningful Use (“MU”) and the Physician Quality Reporting System (“PQRS”) programs, (b) EHR software code used in certifying our software and information, and (c) payments provided for the referral of EHR business. Since 2017, we have received multiple additional requests for documents and information involving these and related topics. We have responded to each request and continue to cooperate in this investigation. Requests and investigations of this nature may lead to future requests for information and ultimately the assertion of claims or the commencement of legal proceedings against us, as well as other material liabilities. In addition, our responses to these and any future requests require time and effort, which can result in additional cost to us. Given the highly-regulated nature of our industry, we may, from time to time, be subject to subpoenas, requests for information, or investigations from various government agencies. It is our practice to respond to such matters in a cooperative, thorough and timely manner.

17

Table of Contents

There can be no assurance that such litigation and investigations will not result in liability in excess of our insurance coverage, that our insurance will cover such claims or that appropriate insurance will continue to be available to us in the future at commercially reasonable rates. In addition, any enforcement action by a government agency may result in fines, damage awards, regulatory consequences or other sanctions which could have a material adverse effect, individually or collectively, on the Company’s liquidity, financial condition or results of operations.

We may be impacted by IT system failures or other disruptions. We may be subject to IT systems failures and network disruptions. These may be caused by natural disasters, accidents, power disruptions, telecommunications failures, acts of terrorism or war, computer viruses, malware, physical or electronic break-ins, or other events or disruptions. System redundancy may be ineffective or inadequate, and our disaster recovery planning may not be sufficient for all eventualities. Such failures or disruptions could prevent access to or the delivery of certain of our products or services, compromise our data or our clients’ data, or result in delayed or cancelled orders as well as potentially expose us to third party claims. System failures and disruptions could also impede our transactions processing services and financial reporting.

Our business operations are subject to interruption by, among other, natural disasters, fire, power shortages, terrorist attacks, and other hostile acts, labor disputes, public health issues, and other issues beyond our control. Such events could decrease our demand for our products or services or make it difficult or impossible for us to develop and deliver our products or services to our clients. A significant portion of our research and development activities, our corporate headquarters, our IT systems, and certain of our other critical business operations are concentrated in a few geographic areas. In the event of a business disruption in one or more of those areas, we could incur significant losses, require substantial recovery time, and experience significant expenditures in order to resume operations, which could materially and adversely impact our business, financial condition, and operating results.

We have had to take charges due to asset impairments, and we could suffer further charges due to asset impairment that could reduce our income. We test our goodwill for impairment annually during our first fiscal quarter, and on interim dates should events or changes in circumstances indicate the carrying value of goodwill may not be recoverable in accordance with the relevant accounting guidance. In the past, we have recorded sizeable goodwill impairment charges, and we may need to do so in the future. Declines in business performance or other factors could cause the fair value of any of our operating segments to be revised downward, resulting in further impairment charges. If the financial outlook for any of our operating segments warrants additional impairments of goodwill, the resulting write-downs could materially affect our reported net earnings.

We face risks related to litigation advanced by a former director and shareholder of ours. On October 7, 2013, a complaint was filed against our Company and certain of our officers and directors in the Superior Court of the State of California for the County of Orange, captioned Ahmed D. Hussein v. Sheldon Razin, Steven Plochocki, Quality Systems, Inc. and Does 1-10, inclusive, No. 30-2013-00679600-CU-NP-CJC, by Ahmed Hussein, a former director and significant shareholder of our Company. After the court sustained our demurrer to the initial complaint, Hussein filed an amended complaint on April 25, 2014. The amended complaint generally alleges fraud and deceit, constructive fraud, negligent misrepresentation and breach of fiduciary duty in connection with statements made to our shareholders regarding our financial condition and projected future performance. The amended complaint seeks actual damages, exemplary and punitive damages and costs. Hussein’s breach of fiduciary duty claims were dismissed on demurrer, and we filed an answer and cross-complaint against Hussein, alleging that he breached fiduciary duties owed to the Company. On September 16, 2015, the Court granted summary judgment with respect to Hussein’s remaining claims, dismissing all claims against us. The cross-complaint against Hussein went to trial, but the Court granted judgment in favor of Hussein on our cross-complaint. Final judgment over Hussein’s claims and our cross-claims was entered on January 9, 2018. Hussein appealed the order granting summary judgment over his claims, and we appealed the court’s decision granting Hussein’s motion for judgment on our cross-complaint. On October 8, 2019, the California State Court of Appeal for the Fourth Appellate District, Division Three, reversed the Superior Court’s grant of summary judgment on Hussein’s affirmative claims and affirmed the trial court’s judgement on the Company’s breach of fiduciary duty claims against Hussein. As a result, the case has returned to the trial court for resolution of Hussein’s claims against us. Previously scheduled trial dates have been postponed due to the ongoing pandemic, and a new trial date has been set for July 6, 2021.  Separately, Hussein has issued an arbitration demand seeking indemnification for the fees he incurred defending against our cross-complaint. Following briefing and a hearing at the liability phase of the arbitration, the arbitrator held that Hussein is entitled to indemnification for “expenses” (as that term is defined in Hussein’s indemnification agreement with NextGen) incurred in defense of NextGen’s cross-complaint against him. The arbitrator reserved all other claims related to costs and damages for a second phase of the arbitration. The parties are briefing the remaining issues in the indemnification matter and a hearing has been scheduled for June 10, 2021.

Although we believe the claim to be without merit, our operating results and share price may be negatively impacted due to the negative publicity, expenses incurred in connection with our defense, management distraction, and/or other factors related to this litigation. In addition, litigation of this nature may negatively impact our ability to attract and retain clients and strategic partners, as well as qualified board members and management personnel.

18

Table of Contents

Our credit agreement contains restrictive and financial covenants that may limit our operational flexibility. If we fail to meet our obligations under the credit agreement, our operations may be interrupted and our business and financial results could be adversely affected. On March 12, 2021, we entered into a revolving credit agreement with various lenders, secured by substantially all of our and our material domestic subsidiaries’ existing and future property. The credit agreement includes certain customary covenants that impose restrictions on our business and financing activities that could limit our operations or flexibility to take certain actions. The credit agreement also contains certain customary affirmative covenants requiring us to maintain specified levels of financial performance. Our ability to comply with these covenants may be affected by events that could be beyond our control. A breach of these covenants could result in an event of default under the credit agreement which, if not cured or waived, could result in the indebtedness becoming immediately due and payable, which in turn could result in material adverse consequences that negatively impact our business, the market price for our common stock, and our ability to obtain financing in the future. In addition, our credit agreement’s covenants, consent requirements, and other provisions may limit our flexibility to pursue or fund strategic initiatives or acquisitions that might be in the long-term interests of our Company and shareholders.

Risks Related to Our Products and Services

If our principal products, new product developments or implementation, training and support services fail to meet the needs of our clients due to lack of client acceptance, errors, or other problems, we may fail to realize future growth, suffer reputational harm and face the risk of losing existing clients. We currently derive substantially all of our net revenue from sales of our healthcare information systems and related services. We believe that a primary factor in the market acceptance of our systems has been our ability to meet the needs of users of healthcare information systems. Our future financial performance will depend in large part on our ability to continue to meet the increasingly sophisticated needs of our clients through the timely development and successful introduction of new and enhanced versions of our systems and other complementary products, as well as our ability to provide high quality implementation, training and support services for our products. We have historically expended a significant percentage of our net revenue on product development and believe that significant continuing product development efforts will be required to retain our existing clients and sustain our growth. Continued investment in our sales staff and our client implementation, training and support staffs will also be required to retain and grow our client base.

There can be no assurance that we will be successful in our client satisfaction or product development efforts, that the market will continue to accept our existing products and services, or that new products or product enhancements will be developed and implemented in a timely manner, meet the requirements of healthcare providers, or achieve market acceptance. Also, it is possible that our technology may contain defects or errors, some of which may remain undetected for a period of time. If we detect errors before we introduce a solution, we may have to delay deployment for an extended period of time while we address the problem. If we do not discover errors until after product deployment, we may need to provide enhancements to correct such errors. Remediating product defects and errors could consume our development and management resources. In addition, any failure or perceived failure to maintain high-quality and highly-responsive client support could harm our reputation. Quality or performance issues with our products and services may result in product-related liabilities, unexpected expenses and diversion of resources to remedy errors, harm to our reputation, lost sales, delays in commercial releases, delays in or loss of market acceptance of our solutions, license termination or renegotiations, and privacy or security vulnerabilities. If new products or product enhancements are delayed or do not achieve market acceptance, or if our implementation, training and support services do not achieve a high degree of client satisfaction, our reputation, business, results of operations and financial condition could be adversely affected. At certain times in the past, we have also experienced delays in purchases of our products by clients anticipating our launch, or the launch of our competitors, of new products. There can be no assurance that material order deferrals in anticipation of new product introductions from us or other entities will not occur.

If the emerging technologies and platforms of Microsoft and others upon which we build our products do not gain or continue to maintain broad market acceptance, or if we fail to develop and introduce in a timely manner new products and services compatible with such emerging technologies, we may not be able to compete effectively and our ability to generate revenue will suffer. Our software products are built and depend upon several underlying and evolving relational database management system platforms such as those developed by Microsoft. To date, the standards and technologies upon which we have chosen to develop our products have proven to have gained industry acceptance. However, the market for our software products is subject to ongoing rapid technological developments, quickly evolving industry standards and rapid changes in client requirements, and there may be existing or future technologies and platforms that achieve industry standard status, which are not compatible with our products.

19

Table of Contents

We are dependent on our license rights and other services from third parties, which may cause us to discontinue, delay or reduce product shipments. We depend upon licenses for some of the technology used in our products as well as other services from third party vendors. Most of these arrangements can be continued/renewed only by mutual consent and may be terminated for any number of reasons. We may not be able to continue using the products or services made available to us under these arrangements on commercially reasonable terms or at all. As a result, we may have to discontinue, delay or reduce product shipments or services provided until we can obtain equivalent technology or services. Most of our third-party licenses are non-exclusive. Our competitors may obtain the right to use any of the business elements covered by these arrangements and use these elements to compete directly with us. In addition, if our vendors choose to discontinue providing their technology or services in the future or are unsuccessful in their continued research and development efforts, we may not be able to modify or adapt our own products.

We may experience interruption at our data centers or client support facilities. We perform data center and/or hosting services for certain clients, including the storage of critical patient and administrative data at company-owned facilities and through third party hosting arrangements. In addition, we provide support services to our clients through various client support facilities. We have invested in reliability features such as multiple power feeds, multiple backup generators and redundant telecommunications lines, as well as technical (such as multiple overlapping security applications, access control and other countermeasures) and physical security safeguards and structured our operations to reduce the likelihood of disruptions. However, complete failure of all local public power and backup generators, impairment of all telecommunications lines, a concerted denial of service cyber-attack, a significant data breach, damage, injury or impairment (environmental, accidental, intentional or pandemic) to the buildings, the equipment inside the buildings housing our data centers, the personnel operating such facilities or the client data contained therein, or errors by the personnel trained to operate such facilities could cause a disruption in operations and negatively impact clients who depend on us for data center and system support services. Likewise, our use of a single cloud vendor could increase our exposure to interruptions if the vendor were to experience a catastrophic event impacting its service offering. Any interruption in operations at our data centers and/or client support facilities could damage our reputation, cause us to lose existing clients, hurt our ability to obtain new clients, result in significant revenue loss, create potential liabilities for our clients and us and increase insurance and other operating costs.

We face the possibility of claims based upon our website content, which may cause us expense and management distraction. We could be subject to third party claims based on the nature and content of information supplied on our website by us or third parties, including content providers or users. We could also be subject to liability for content that may be accessible through our website or third-party websites linked from our website or through content and information that may be posted by users in chat rooms, bulletin boards or on websites created by professionals using our applications. Even if these claims do not result in liability to us, investigating and defending against these claims could be expensive and time consuming and could divert management’s attention away from our operations.

If our security measures are breached or fail and unauthorized access is obtained to a client’s data, our services may be perceived as not being secure, clients may curtail or stop using our services, and we may incur significant liabilities. Our services involve the storage, transmission and processing of clients’ proprietary information and protected health information of patients. Because of the sensitivity of this information, security features of our software are very important. If our security measures are breached or fail as a result of third-party action, employee error, malfeasance, insufficiency, defective design, or otherwise, someone may be able to obtain unauthorized access to client or patient data. As a result, our reputation could be damaged, our business may suffer, and we could face damages for contract breach, penalties for violation of applicable laws or regulations and significant costs for remediation and remediation efforts to prevent future occurrences. We rely upon our clients as users of our system for key activities to promote security of the system and the data within it, such as administration of client-side access credentialing and control of client-side display of data. On occasion, our clients have failed to perform these activities. Failure of clients to perform these activities may result in claims against us that this reliance was misplaced, which could expose us to significant expense and harm to our reputation even though our policy is to enter into business associate agreements with our clients. Although we extensively train and monitor our employees, it is possible that our employees may, intentionally or unintentionally, breach security measures. Moreover, third parties with whom we do not have business associate agreements may breach the privacy and security of patient information, potentially causing us reputational damage and exposing us to liability. Because techniques used to obtain unauthorized access or to sabotage systems change frequently and generally are not recognized until launched against a target, we may be unable to anticipate these techniques or to implement adequate preventive measures. If an actual or perceived breach of our security occurs, the market perception of the effectiveness of our security measures could be harmed and we could lose sales and clients. In addition, our clients may authorize or enable third parties to access their client data or the data of their patients on our systems. Because we do not control such access, we cannot ensure the complete propriety of that access or integrity or security of such data in our systems.

20

Table of Contents

Failure by our clients to obtain proper permissions and waivers may result in claims against us or may limit or prevent our use of data, which could harm our business. We require our clients to provide necessary notices and to obtain necessary permissions and waivers for use and disclosure of the information that we receive, and we require contractual assurances from them that they have done so and will do so. If they do not obtain necessary permissions and waivers, then our use and disclosure of information that we receive from them or on their behalf may be limited or prohibited by state or federal privacy laws or other applicable laws. This could impair our functions, processes and databases that reflect, contain, or are based upon such data and may prevent use of such data. In addition, this could interfere with or prevent creation or use of rules and analyses or limit other data-driven activities that are beneficial to our business. Moreover, we may be subject to claims or liability for use or disclosure of information by reason of lack of valid notice, permission or waiver. These claims or liabilities could subject us to unexpected costs and adversely affect our operating results.

We face the possibility of damages resulting from internal and external security breaches. In the course of our business operations, we store, process, compile and transmit confidential information, including patient health information, in our processing centers and other facilities. A breach of security in any of these facilities could damage our reputation and result in damages being assessed against us. In addition, the other systems with which we may interface, such as the internet and related systems may be vulnerable to security breaches, viruses, programming errors, or similar disruptive problems. In addition, our clients and vendors with whom we have business associate agreements, or other parties with whom we do not have business associate agreements, may be responsible for breaching the security and compromising the privacy of patient information located on our systems. In addition, although we extensively train and monitor our employees, it is possible that our own employees may engage in conduct that compromises security or privacy. The effect of these security breaches and related issues could disrupt our ability to perform certain key business functions and could potentially reduce demand for our services. Accordingly, we have expended significant resources toward establishing and enhancing the security of our related infrastructures, although no assurance can be given that they will be entirely free from potential breach. Maintaining and enhancing our infrastructure security may require us to expend significant capital in the future.

The success of our strategy to offer our electronic data interchange (“EDI”) services and software as a service (“SaaS”) solutions depends on the confidence of our clients in our ability to securely transmit confidential information. Our EDI services and SaaS solutions rely on encryption, authentication and other security technology licensed from third parties to achieve secure transmission of confidential information. We may not be able to stop unauthorized attempts to gain access to or disrupt the transmission of communications by our clients. Anyone who is able to circumvent our security measures could misappropriate confidential user information or interrupt our, or our clients’, operations. In addition, our EDI and SaaS solutions may be vulnerable to viruses, malware, physical or electronic break-ins and similar disruptions.

High-profile security breaches at other companies have increased in recent years, and security industry experts and government officials have warned about the risks of hackers and cyber-attacks targeting information technology products and businesses. Although this is an industry-wide problem that affects other software and hardware companies, we may be targeted by computer hackers because we are a prominent healthcare information technology company and have high profile clients. These risks will increase as we continue to grow our cloud offerings, store and process increasingly large amounts of our clients’ confidential data, including personal health information, and host or manage parts of our clients’ businesses in cloud-based/multi-tenant information technology environments. We may use third party public cloud providers in connection with our cloud-based offerings or third-party providers to host our own data, in which case we may have to rely on the processes, controls and security such third parties have in place to protect the infrastructure.

The costs we would incur to address any security incidents would increase our expenses, and our efforts to resolve these problems may not be successful and could result in interruptions, delays, cessation of service and loss of existing or potential clients that may impede our sales, development of solutions, provision of services, or other critical functions. If a cyberattack or other security incident were to allow unauthorized access to or modification of our clients’ or suppliers’ data, our own data, or our information technology systems, or if our products or services are perceived as having security vulnerabilities, we could suffer significant damage to our brand and reputation. This could lead to fewer clients using our products or services and make it more difficult for us to obtain new clients, resulting in reduced revenue and earnings. These types of security incidents could also lead to lawsuits, regulatory investigations and claims, and increased legal liability.

Our business depends on continued and unimpeded access to the internet by us and our clients, which is not within our control. We deliver internet-based services and, accordingly, depend on our ability and the ability of our clients to access the internet. This access is currently provided by third parties that have significant market power in the broadband and internet access marketplace, including incumbent telephone companies, cable companies, mobile communications companies and government-owned service provides -- all of whom are outside of our control. In the event of any difficulties, outages and delays by internet service providers, we may be impeded from providing services, resulting in a loss of potential or existing clients.

21

Table of Contents

We may be subject to claims for system errors, warranties or product liability, which could have an adverse effect on our business, results of operations and financial condition. Our software solutions are intended for use in collecting, storing and displaying clinical and healthcare-related information used in the diagnosis and treatment of patients and in related healthcare settings such as admissions and billing. Therefore, users of our software solutions have a greater sensitivity to errors than the market for software products generally. Any failure by our products to provide accurate and timely information concerning patients, their medication, treatment and health status, generally, could result in claims against us which could materially and adversely impact our financial performance, industry reputation and ability to market new system sales. In addition, a court or government agency may take the position that our delivery of health information directly, including through licensed practitioners, or delivery of information by a third-party site that a consumer accesses through our websites, exposes us to assertions of malpractice, other personal injury liability, or other liability for wrongful delivery/handling of healthcare services or erroneous health information. We maintain insurance to protect against claims associated with the use of our products as well as liability limitation language in our end-user license agreements, but there can be no assurance that our insurance coverage or contractual language would adequately cover any claim asserted against us. A successful claim brought against us in excess of or outside of our insurance coverage could have an adverse effect on our business, results of operations and financial condition. Even unsuccessful claims could result in our expenditure of funds for litigation and management time and resources.

Certain healthcare professionals who use our SaaS products will directly enter health information about their patients including information that constitutes a record under applicable law that we may store on our computer systems. Numerous federal and state laws and regulations, the common law and contractual obligations, govern collection, dissemination, use and confidentiality of patient-identifiable health information, including: (i) state and federal privacy and confidentiality laws; (ii) our contracts with clients and partners; (iii) state laws regulating healthcare professionals; (iv) Medicaid laws; (v) HIPAA and related rules proposed by CMS; (vi) CMS standards for internet transmission of health data and (vii); and The 21^st Century Cures Act.

HIPAA establishes elements including, but not limited to, federal privacy and security standards for the use and protection of Protected Health Information. Any failure by us or by our personnel or partners to comply with applicable requirements may result in a material liability to us.

Although we have systems and policies in place for safeguarding Protected Health Information from unauthorized disclosure, these systems and policies may not preclude claims against us for alleged violations of applicable requirements. Also, third-party sites and/or links that consumers may access through our web sites may not maintain adequate systems to safeguard this information or may circumvent systems and policies we have put in place. In addition, future laws or changes in current laws may necessitate costly adaptations to our policies, procedures, or systems.

There can be no assurance that we will not be subject to product liability claims, that such claims will not result in liability in excess of our insurance coverage, that our insurance will cover such claims or that appropriate insurance will continue to be available to us in the future at commercially reasonable rates. Such product liability claims could adversely affect our business, results of operations and financial condition.

We are subject to the effect of payer and provider conduct which we cannot control and accordingly, there is no assurance that revenue for our services will continue at historic levels. We offer certain electronic claims submission products and services as part of our product line. While we have implemented certain product features designed to maximize the accuracy and completeness of claims submissions, these features may not be sufficient to prevent inaccurate claims data from being submitted to payers. Should inaccurate claims data be submitted to payers, we may be subject to liability claims.

Electronic data transmission services are offered by certain payers to healthcare providers that establish a direct link between the provider and payer. This process reduces revenue to third party EDI service providers such as us. As a result of this, and other market factors, we are unable to ensure that we will continue to generate revenue at or in excess of prior levels for such services.

A significant increase in the utilization of direct links between healthcare providers and payers could adversely affect our transaction volume and financial results. In addition, we cannot provide assurance that we will be able to maintain our existing links to payers or develop new connections on terms that are economically satisfactory to us, if at all.

Proprietary rights are material to our success, and the misappropriation of these rights could adversely affect our business and our financial condition. We are heavily dependent on the maintenance and protection of our intellectual property and we rely largely on technical security measures, license agreements, confidentiality procedures and employee nondisclosure agreements to protect our intellectual property. The majority of our software is not patented and existing copyright laws offer only limited practical protection.

There can be no assurance that the legal protections and precautions we take will be adequate to prevent misappropriation of our technology or that competitors will not independently develop technologies equivalent or superior to ours. Further, the laws of some foreign countries do not protect our proprietary rights to as great an extent as do the laws of the United States and are often not enforced as vigorously as those in the United States.

22

Table of Contents

We do not believe that our operations or products infringe on the intellectual property rights of others. However, there can be no assurance that others will not assert infringement or trade secret claims against us with respect to our current or future products or that any such assertion will not require us to enter into a license agreement or royalty arrangement or other financial arrangement with the party asserting the claim. Responding to and defending any such claims may distract the attention of our management and adversely affect our business, results of operations and financial condition. In addition, claims may be brought against third parties from which we purchase software, and such claims could adversely affect our ability to access third party software for our systems.

If we are deemed to infringe on the proprietary rights of third parties, we could incur unanticipated expense and be prevented from providing our products and services. We have been, and may be in the future, subject to intellectual property infringement claims as the number of our competitors grows and our applications' functionality is viewed as similar or overlapping with competitive products. We do not believe that we have infringed or are infringing on any proprietary rights of third parties. However, claims are occasionally asserted against us, and we cannot assure you that infringement claims will not be asserted against us in the future. Also, we cannot assure you that any such claims will be unsuccessful. We could incur substantial costs and diversion of management resources defending any infringement claims - even if we are ultimately successful in the defense of such matters. Furthermore, a party making a claim against us could secure a judgment awarding substantial damages, as well as injunctive or other equitable relief that could effectively block our ability to provide products or services. In addition, we cannot assure you that licenses for any intellectual property of third parties that might be required for our products or services will be available on commercially reasonable terms, or at all.

We face risks related to the periodic maintenance and upgrades that need to be made to our products. As we continue to develop and improve upon our technology and offerings, we need to periodically upgrade and maintain the products deployed to our clients. This process can require a significant amount of our internal time and resources and can be complicated and time consuming for our clients. Certain upgrades may also pose the risk of system delays or failure. If our periodic upgrades and maintenance cause disruptions to our clients, we may lose revenue-generating transactions, our clients may elect to use other solutions and we may also be the subject of negative publicity that may adversely affect our business and reputation.

Risks Related to Regulation

There is significant uncertainty in the healthcare industry in which we operate, and the current governmental laws and regulations as well as any future modifications to the regulatory environment, may adversely impact our business, financial condition and results of operations. The healthcare industry is subject to changing political, economic, legal and regulatory influences that may affect the procurement processes and operation of healthcare facilities. A number of federal and state laws, including laws prohibiting the submission of false or fraudulent claims, apply to healthcare providers and others that make, offer, seek or receive referrals or payments for products or services that may be paid for through any federal or state healthcare program and, in some instances, any private program. These laws are complex and their application to our specific services and relationships may not be clear and may be applied to our business in ways that we do not anticipate. Federal and state regulatory and law enforcement authorities have recently increased enforcement activities with respect to Medicare and Medicaid fraud and abuse regulations and other healthcare reimbursement laws and rules.

During the past several years, the healthcare industry has also been subject to an increase in governmental regulation of, among other things, reimbursement rates and certain capital expenditures.

For example, the Health Insurance Portability and Accountability Act of 1996, as modified by HITECH provisions of the ARRA (collectively, “HIPAA”), continues to have a direct impact on the health care industry by requiring national provider identifiers and standardized transactions/code sets, operating rules and necessary security and privacy measures in order to ensure the appropriate level of privacy of protected health information. These regulatory factors affect the purchasing practices and operation of health care organizations.

The Patient Protection and Affordable Care Act (“PPACA”), which was amended by the Health Care and Education Reconciliation Act of 2010, became law in 2010. This comprehensive health care reform legislation included provisions to control health care costs, improve health care quality, and expand access to affordable health insurance. The Medicare Access and CHIP Reauthorization Act of 2015 (“MACRA”), which became law in 2015, repealed the sustainable growth rate (“SGR”) formula and created two new value-based payment systems for Medicare physicians. Together with ongoing statutory and budgetary policy developments at a federal level, these health care reform laws include changes in Medicare and Medicaid payment policies and other health care delivery administrative reforms that could potentially negatively impact our business and the business of our clients. Because not all the administrative rules implementing health care reform under these laws have been finalized, and because of ongoing federal fiscal budgetary pressures yet to be resolved for federal health programs, the full impact of the health care reform legislation and of further statutory actions to reform healthcare payment on our business is unknown, but there can be no assurances that health care reform legislation will not adversely impact either our operational results or the manner in which we operate our business. Health care industry participants may respond by reducing their investments or postponing investment decisions, including investments in our solutions and services.

23

Table of Contents

In March 2020, the U.S. Congress passed several laws in response to the coronavirus pandemic. Included in these laws are multiple provisions that are likely to have a significant impact on healthcare providers. Because regulations implementing these provisions have yet to be released and health care providers are subject to future legislative changes, the industry is likely to be subject to additional coronavirus-related legislative and regulatory changes in 2020.

Healthcare providers may react to these proposals, and the uncertainty surrounding such proposals, by curtailing or deferring investments, including those for our systems and related services. Cost-containment measures instituted by healthcare providers as a result of regulatory reform or otherwise could result in a reduction in the allocation of capital funds. Such a reduction could have an adverse effect on our ability to sell our systems and related services. On the other hand, changes in the regulatory environment have increased and may continue to increase the needs of healthcare organizations for cost-effective data management and thereby enhance the overall market for healthcare management information systems. We cannot predict what effect, if any, such proposals or healthcare reforms might have on our business, financial condition and results of operations.

As existing regulations mature and become better defined, we anticipate that these regulations will continue to directly affect certain of our products and services, but we cannot fully predict the effect at this time. We have taken steps to modify our products, services and internal practices as necessary to facilitate our compliance with the regulations, but there can be no assurance that we will be able to do so in a timely or complete manner. Achieving compliance with these regulations could be costly and distract management’s attention and divert other company resources, and any noncompliance by us could result in civil and criminal penalties.

Developments of additional federal and state regulations and policies have the potential to positively or negatively affect our business.

Other specific risks include, but are not limited to, risks relating to:

Privacy and Security of Patient Information. As part of the operation of our business, we may have access to or our clients may provide to us individually-identifiable health information related to the treatment, payment, and operations of providers’ practices. Government and industry legislation and rulemaking, especially HIPAA, HITECH and standards and requirements published by industry groups such as the Joint Commission require the use of standard transactions, standard identifiers, security and other standards and requirements for the transmission of certain electronic health information. These standards and requirements impose additional obligations and burdens on us, limiting the use and disclosure of individually-identifiable health information, and require us to enter into business associate agreements with our clients and vendors. Failure by us to enter into adequate business associate agreements with any client or vendor would place us in violation of applicable standards and requirements and could expose us to liability. Our business associates may interpret HIPAA requirements differently than we do, and we may not be able to adequately address the risks created by such interpretations. These new rules, and any future changes to privacy and security rules, may increase the cost of compliance and could subject us to additional enforcement actions, which could further increase our costs and adversely affect the way in which we do business.

Interoperability Standards. Our clients are concerned with and often require that our software solutions and health care devices be interoperable with other third-party health care information technology suppliers. With the passing of the MACRA in 2015, the U.S. Congress declared it a national objective to achieve widespread exchange of health information through interoperable certified EHR technology nationwide by December 31, 2018. The 21^st Century Cures Act, which was passed and signed into law in December 2016, includes numerous provisions intended to encourage this nationwide interoperability.

In February 2019, HHS’s Office of the National Coordinator for Health Information Technology (“ONC”) released a proposed rule titled, “21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program.”  Following an extended public comment period, in March 2020 ONC released the final rule which implements the key interoperability provisions included in the Cures Act. Specifically, it calls on developers of certified EHRs and health IT products to adopt standardized application programming interfaces (“APIs”), which will help allow individuals to securely and easily access structured and unstructured EHI formats using smartphones and other mobile devices. This provision and others included in the rule create a lengthy list of new certification and maintenance of certification requirements that developers of EHRs and other health IT products have to meet in order to maintain approved federal government certification status. Meeting and maintaining this certification status will require additional development costs.

The ONC rule also implements the information blocking provisions of the 21st Century Cures Act, including identifying reasonable and necessary activities that do not constitute information blocking. Under the 21st Century Cures Act, the U.S. Department of Health and Human Services (“HHS”) has the regulatory authority to investigate and assess civil monetary penalties of up to $1,000,000 against certified health IT developers found to be in violation of “information blocking”. This new oversight and authority to investigate claims of information blocking creates significant risks for us and our clients and could potentially create substantial new compliance costs.

Other regulatory provisions included in the ONC Cures Act final rule could create compliance costs and/or regulatory risks for the company. Because these regulations are subject to future changes and/or significant enforcement discretion by federal agencies, the ultimate impact of these regulations is unknown.

24

Table of Contents

FDA Regulation of Software as a Medical Device. The U.S. Food and Drug Administration (“FDA”) has the statutory authority to regulate medical software if it falls within the definition of a “device” under the Federal Food, Drug, and Cosmetic Act (“FFDCA”). However, the FDA has exercised enforcement discretion for software said to be “low risk.” The December 2016 21st Century Cures Act clarified the FDA’s regulation of medical software by amending the definition of “device” in the FFDCA to exclude certain software functions, including electronic health record software functionality and administrative software functionality. In December 2017, the FDA issued draft guidance documents to clarify how it intends to interpret and enforce these provisions of the Cures Act. In 2017, the FDA also issued a Digital Health Innovation Action Plan and launched a voluntary “Software Precertification (Pre-Cert) Pilot Program” for software developers. Then in September 2019 the FDA issued several different digital health-focused final and draft guidance documents. Although we believe that our products are currently not subject to FDA regulation, we continue to follow the FDA’s guidance in this area, which is subject to change and in some critical areas only currently exists in draft form. As a result, our software may potentially be subject to regulation by the FDA as a medical device. Such regulation could require the registration of the applicable manufacturing facility and software and hardware products, application of detailed record-keeping and manufacturing standards, application of the medical device excise tax, and FDA approval or clearance prior to marketing. An approval or clearance requirement could create delays in marketing, and the FDA could require supplemental filings or object to certain of these applications, the result of which could adversely affect our business, financial condition and results of operations.

Health Reform. The health reform laws discussed above and that may be enacted in the future contain and may contain various provisions which may impact us and our clients. Some of these provisions may have a positive impact, by expanding the use of electronic health records and other health information technology solutions in certain federal programs, for example, while others, such as reductions in reimbursement for certain types of providers, may have a negative impact due to fewer available resources. Increases in fraud and abuse penalties may also adversely affect participants in the health care sector, including us.

We may not see the benefits from government funding programs initiated to accelerate the adoption and utilization of health information technology. While government programs have been implemented to improve the efficiency and quality of the healthcare sector, including expenditures to stimulate business and accelerate the adoption and utilization of healthcare technology, we may not see the anticipated benefits of such programs. Under the ARRA, the PPACA, and the MACRA, significant government financial resources are being invested in healthcare, including financial incentives to healthcare providers who can demonstrate meaningful use of certified EHR technology since 2011. While we expect the ARRA, the PPACA, and the MACRA to continue to create sales opportunities over the next several years, we are unsure of the immediate or long-term impact of these government actions.

HITECH established the Medicare and Medicaid EHR Incentive Programs to provide incentive payments for eligible professionals, hospitals, and critical access hospitals as they adopt, implement, upgrade, or demonstrate meaningful use of certified EHR technology. HITECH, and subsequently MACRA, also authorized CMS to apply payment adjustments, or penalties, to Medicare eligible professionals and eligible hospitals that are not meaningful users under the Medicare EHR Incentive Program.

Although we believe that our service offerings will meet the requirements of HITECH and MACRA to allow our clients to qualify for financial incentives and avoid financial penalties for implementing and using our services, there can be no guaranty that our clients will achieve meaningful use (or its equivalent under MACRA’s Merit Based Incentive Payment System, Promoting Interoperability) or actually receive such planned financial incentives for our services. Where clients have relied on our software as being certified according to applicable HITECH Act technical standards, we may face liability related to any incentive that the physicians received in reliance upon such certification if this certification were to be challenged.  Failure to maintain this certification under the HITECH Act could also jeopardize our relationships with customers who are relying upon us to provide certified software and will make our products and services less attractive to customers than the offerings of other EHR vendors who maintain certification of their products.

We also cannot predict the speed at which healthcare providers will adopt electronic health record systems in response to these government incentives, whether healthcare providers will select our products and services or whether healthcare providers will implement an electronic health record system at all. In addition, the financial incentives associated with the meaningful use program are tied to provider participation in Medicare and Medicaid, and we cannot predict whether providers will continue to participate in these programs. Any delay in the purchase and implementation of electronic health records systems by healthcare providers in response to government programs, or the failure of healthcare providers to purchase an electronic health record system, could have an adverse effect on our business, financial condition and results of operations. It is also possible that additional regulations or government programs related to electronic health records, amendment or repeal of current healthcare laws and regulations or the delay in regulatory implementation could require us to undertake additional efforts to meet meaningful use standards, materially impact our ability to compete in the evolving healthcare IT market, materially impact healthcare providers' decisions to implement electronic health records systems or have other impacts that would be unfavorable to our business. The costs of achieving and maintaining certified electronic health record technology (“CEHRT”) are also significant and because the definition of CEHRT and its use requirements for clients are subject to regulatory changes, these programs and future regulatory changes to them could adversely impact our business.

25

Table of Contents

Several of our solutions also support Accountable Care Organizations (“ACOs”). In 2020, Medicare’s largest ACO program, the Shared Savings Program, consisted of 517 ACOs serving 11.2 million assigned beneficiaries across the country. In December 2018, the Centers for Medicare & Medicaid Services (“CMS”) issued a final rule that dramatically redesigns and sets a new direction for Shared Savings Program, renaming it “Pathways to Success.”  Because it is unknown how ACOs will react to CMS’s Pathways to Success program redesign and several of the redesigned program’s policies will not be fully implemented for ACOs until 2021, we cannot predict the impact the regulatory change will have on our clients and our business, including where we are alleged to have not appropriately complied with these regulations.

We may be subject to false or fraudulent claim laws. There are numerous federal and state laws that forbid submission of false information or the failure to disclose information in connection with submission and payment of physician claims for reimbursement. In some cases, these laws also forbid abuse of existing systems for such submission and payment. Any failure of our revenue cycle management services to comply with these laws and regulations could result in substantial liability including, but not limited to, criminal liability, could adversely affect demand for our services and could force us to expend significant capital, research and development and other resources to address the failure. Errors by us or our systems with respect to entry, formatting, preparation or transmission of claim information may be determined or alleged to be in violation of these laws and regulations. Determination by a court or regulatory agency that our services violate these laws could subject us to civil or criminal penalties, invalidate all or portions of some of our client contracts, require us to change or terminate some portions of our business, require us to refund portions of our services fees, cause us to be disqualified from serving clients doing business with government payers and have an adverse effect on our business. Determination by a court that we have violated the False Claims Act (“FCA”) may subject us to treble damages, plus mandatory civil penalties for each separate false claim.  Even if these matters are not resolved against us, the uncertainty and expense associated with unresolved legal proceedings could harm our business and reputation. It is possible that resolution of one or any combination of more than one legal matter could result in a material adverse impact on our financial position or results of operations.

In most cases where we are permitted to do so, we calculate charges for our revenue cycle management services based on a percentage of the collections that our clients receive as a result of our services. To the extent that violations or liability for violations of these laws and regulations require intent, it may be alleged that this percentage calculation provides us or our employees with incentive to commit or overlook fraud or abuse in connection with submission and payment of reimbursement claims. The U.S. Centers for Medicare and Medicaid Services has stated that it is concerned that percentage-based billing services may encourage billing companies to commit or to overlook fraudulent or abusive practices.

A portion of our business involves billing of Medicare claims on behalf of its clients. In an effort to combat fraudulent Medicare claims, the federal government offers rewards for reporting of Medicare fraud which could encourage others to subject us to a charge of fraudulent claims, including charges that are ultimately proven to be without merit.

Additionally, under the False Claims Act FCA, the federal government allows private individuals to file a complaint or otherwise report actions alleging the defrauding of the federal government by an entity. These suits, known as qui tam actions or “whistleblower” suits may be brought by, with only a few exceptions, any private citizen who believes that he has material information of a false claim that has not been previously disclosed. If the federal government intervenes, the individual that filed the initial complaint may share in any settlement or judgment. If the federal government does not intervene in the action, the whistleblower plaintiff may pursue its allegation independently. Some states have adopted similar state whistleblower and false claims provisions. Qui tam actions under the FCA and similar state laws may lead to significant fines, penalties, settlements or other sanctions, including exclusion from Medicare or other federal or state healthcare programs.

If our products fail to comply with evolving government and industry standards and regulations, we may have difficulty selling our products. We may be subject to additional federal and state statutes and regulations in connection with offering services and products via the internet. On an increasingly frequent basis, federal and state legislators are proposing laws and regulations that apply to internet commerce and communications. Areas being affected by these regulations include user privacy, pricing, content, taxation, copyright protection, distribution, and quality of products and services. To the extent that our products and services are subject to these laws and regulations, the sale of our products and services could be harmed.

We are subject to changes in and interpretations of financial accounting matters that govern the measurement of our performance, one or more of which could adversely affect our business, financial condition, cash flows, revenue, results of operations, and debt covenant compliance. Based on our reading and interpretations of relevant guidance, principles or concepts issued by, among other authorities, the American Institute of Certified Public Accountants, the Financial Accounting Standards Board and the Commission, we believe our current business arrangements, transactions, and related estimates and disclosures have been properly reported. However, there continue to be issued interpretations and guidance for applying the relevant standards to a wide range of sales and licensing contract terms and business arrangements that are prevalent in the software industry. Future interpretations or changes by the regulators of existing accounting standards or changes in our business practices could result in changes in our revenue recognition and/or other accounting policies and practices that could adversely affect our business, financial condition, cash flows, revenue and results of operations. In addition, changes in accounting rules could alter the application of certain terms in our credit agreement, thereby impacting our ability to comply with our debt covenants.

26

Table of Contents

Failure to maintain effective internal controls in accordance with Section 404 of the Sarbanes-Oxley Act of 2002 could have an adverse effect on our business, and our per share price may be adversely affected. Pursuant to Section 404 of the Sarbanes-Oxley Act of 2002 (“Section 404”) and the rules and regulations promulgated by the SEC to implement Section 404, we are required to include in our Form 10-K a report by our management regarding the effectiveness of our internal control over financial reporting. The report includes, among other things, an assessment of the effectiveness of our internal control over financial reporting. The assessment must include disclosure of any material weakness in our internal control over financial reporting identified by management.

As part of the evaluation undertaken by management and our independent registered public accountants pursuant to Section 404, our internal control over financial reporting was effective as of our most recent fiscal year end. However, if we fail to maintain an effective system of disclosure controls or internal controls over financial reporting, we may discover material weaknesses that we would then be required to disclose. Any material weaknesses identified in our internal controls could have an adverse effect on our business. We may not be able to accurately or timely report on our financial results, and we might be subject to investigation by regulatory authorities. This could result in a loss of investor confidence in the accuracy and completeness of our financial reports, which may have an adverse effect on our stock price.

No evaluation process can provide complete assurance that our internal controls will detect and correct all failures within our company to disclose material information otherwise required to be reported. The effectiveness of our controls and procedures could also be limited by simple errors or faulty judgments. In addition, if we continue to expand, through either organic growth or through acquisitions (or both), the challenges involved in implementing appropriate controls will increase and may require that we evolve some or all of our internal control processes.

It is also possible that the overall scope of Section 404 may be revised in the future, thereby causing ourselves to review, revise or reevaluate our internal control processes which may result in the expenditure of additional human and financial resources.

Risks Related to Ownership of Our Common Stock

The unpredictability of our quarterly operating results may cause the price of our common stock to fluctuate or decline. Our revenue may fluctuate in the future from quarter to quarter and period to period, as a result of a number of factors including, without limitation:

27

Table of Contents

Our software products are generally shipped as orders are received and accordingly, we have historically operated with a minimal backlog of license fees. As a result, a portion of our revenue in any quarter is dependent on orders booked and shipped in that quarter and is not predictable with any degree of certainty. Furthermore, our systems can be relatively large and expensive, and individual systems sales can represent a significant portion of our revenue and profits for a quarter such that the loss or deferral of even one such sale can adversely affect our quarterly revenue and profitability. Clients often defer systems purchases until our quarter end, so quarterly revenue from system sales generally cannot be predicted and frequently are not known until after the quarter has concluded. Our sales are dependent upon clients’ initial decisions to replace or substantially modify their existing information systems, and subsequently, their decision concerning which products and services to purchase. These are major decisions for healthcare providers and, accordingly, the sales cycle for our systems can vary significantly and typically ranges from six to twenty-four months from initial contact to contract execution/shipment. Because a significant percentage of our expenses are relatively fixed, a variation in the timing of systems sales, implementations and installations can cause significant variations in operating results from quarter to quarter. As a result, we believe that interim period-to-period comparisons of our results of operations are not necessarily meaningful and should not be relied upon as indications of future performance. Further, our historical operating results are not necessarily indicative of future performance for any particular period. We currently recognize revenue in accordance with the applicable accounting guidance as defined by the FASB. There can be no assurance that application and subsequent interpretations of these pronouncements will not further modify our revenue recognition policies, or that such modifications would not adversely affect our operating results reported in any particular quarter or year. Due to all of the foregoing factors, it is possible that our operating results may be below the expectations of public market analysts and investors. In such event, the price of our common stock would likely be adversely affected.

Our common stock price has been volatile, which could result in substantial losses for investors purchasing shares of our common stock and in litigation against us. Volatility may be caused by a number of factors including but not limited to:

Furthermore, the stock market in general, and the market for software, healthcare and high technology companies in particular, has experienced extreme volatility that often has been unrelated to the operating performance of particular companies. These broad market and industry fluctuations may adversely affect the trading price of our common stock, regardless of actual operating performance.

Moreover, in the past, securities class action litigation has often been brought against a company following periods of volatility in the market price of its securities. We may in the future be the target of similar litigation. Securities litigation could result in substantial costs and divert management’s attention and resources.

One of our current directors is a significant shareholder, which makes it possible for him to have significant influence over the outcome of all matters submitted to our shareholders for approval and which influence may be alleged to conflict with our interests and the interests of our other shareholders. One of our directors is a significant shareholder who beneficially owns approximately 15% of the outstanding shares of our common stock at March 31, 2021. California law and our Bylaws permit our shareholders to cumulate their votes, the effect of which is to provide shareholders with sufficiently large concentrations of our shares the opportunity to assure themselves one or more seats on our Board of Directors. The amounts required to assure a seat on our Board of Directors can vary based upon the number of shares outstanding, the number of shares voting, the number of directors to be elected, the number of “broker non-votes,” and the number of shares held by the shareholder exercising the cumulative voting rights. In the event that cumulative voting is invoked, it is possible that any significant shareholders will each have sufficient votes to assure themselves of one or more seats on our Board of Directors. With or without cumulative voting, any significant shareholders will have substantial influence over the outcome of all matters submitted to our shareholders for approval, including the election of our directors and other corporate actions. This influence may be alleged to conflict with our interests and the interests of our other shareholders. In addition, such influence by a significant shareholder could have the effect of discouraging others from attempting to acquire our Company or create actual or perceived governance instabilities that could adversely affect the price of our common stock.

28

Table of Contents

ITEM 1B. UNRESOLVED STAFF COMMENTS

None.

ITEM 2. PROPERTIES

Our corporate headquarters is located in Atlanta, Georgia. We believe that our existing facilities are in good condition and adequate for our current business requirements. Should we continue to grow, we may be required to lease or acquire additional space. We believe that suitable additional space is available, if needed, at commercially reasonable market rates and terms.

As of March 31, 2021, we leased an aggregate of approximately 541,900 square feet of space with lease agreements expiring at various dates, of which approximately 336,200 square feet of space are utilized for continuing operations and 205,700 square feet of space are being subleased or have been vacated as part of our reorganization efforts, as described further in Note 6, "Leases" of our notes to consolidated financial statements included elsewhere in this Report:

ITEM 3. LEGAL PROCEEDINGS

We have experienced legal claims by clients regarding product and contract disputes, by other third parties asserting that we have infringed their intellectual property rights, by current and former employees regarding certain employment matters and by certain shareholders. We believe that these claims are without merit and intend to defend against them vigorously; however, we could incur substantial costs and diversion of management resources defending any such claim, even if we are ultimately successful in the defense of such matter. Litigation is inherently uncertain and always difficult to predict.

Additionally, we are subject to the regulation and oversight of various federal and state governmental agencies that enforce fraud and abuse programs related to the submission of fraudulent claims for reimbursement from governmental payers. We have received, and from time to time may receive, inquiries or subpoenas from federal and state agencies. Under the False Claims Act (“FCA”), private parties have the right to bring qui tam, or “whistleblower,” suits against entities that submit, or cause to be submitted, fraudulent claims for reimbursement. Qui tam or whistleblower actions initiated under the FCA may be pending but placed under seal by the court to comply with the FCA’s requirements for filing such suits. As a result, they could lead to proceedings without our knowledge. We refer you to the discussion of regulatory and litigation risks within “Item 1A. Risk Factors” and to Note 16, “Commitments, Guarantees and Contingencies” of our notes to consolidated financial statements included elsewhere in this Report for a discussion of current legal proceedings.

ITEM 4. MINE AND SAFETY DISCLOSURES

Not applicable.

29

Table of Contents

PART II

ITEM 5. MARKET FOR REGISTRANT’S COMMON EQUITY, RELATED STOCKHOLDER MATTERS AND ISSUER PURCHASES OF EQUITY SECURITIES

Market Price and Holders

Our common stock is traded under the symbol “NXGN” on the NASDAQ Global Select Market.  At May 24, 2021, there were approximately 633 holders of record of our common stock.

Securities Authorized for Issuance Under Equity Compensation Plans

The information included under Item 12 of this Report, "Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters," is incorporated herein by reference.

Performance Graph

The following graph compares the cumulative total returns of our common stock, the NASDAQ Composite Index and the NASDAQ Computer & Data Processing Services Stock Index over the five-year period ended March 31, 2021 assuming $100 was invested on March 31, 2016 with all dividends, if any, reinvested. The returns shown are based on historical results and are not intended to be indicative of future stock prices or future performance. This performance graph shall not be deemed to be “soliciting material” or “filed” for purposes of Section 18 of the Securities Exchange Act of 1934, as amended (the “Exchange Act”) or otherwise subject to the liabilities under that Section and shall not be deemed to be incorporated by reference into any filing of the Company under the Securities Act of 1933, as amended or the Exchange Act.

COMPARISON OF 5 YEAR CUMULATIVE TOTAL RETURN*

Among NextGen Healthcare, Inc., The NASDAQ Composite Index

And The NASDAQ Computer & Data Processing Index

ITEM 6. SELECTED FINANCIAL DATA

Reserved.

30

Table of Contents

ITEM 7. MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS

Except for the historical information contained herein, the matters discussed in this management’s discussion and analysis of financial condition and results of operations (“MD&A”), including discussions of our product development plans, business strategies, future operations, financial condition and prospects, developments in and the impacts of government regulation and legislation, and market factors influencing our results, may include forward-looking statements that involve certain risks and uncertainties. Actual results may differ from those anticipated by us as a result of various factors, both foreseen and unforeseen, including, but not limited to, the impact of the COVID-19 pandemic and measures taken in response thereto, as well as our ability to continue to develop new products and increase systems sales in markets characterized by rapid technological evolution, consolidation and competition from larger, better-capitalized competitors. Many other economic, competitive, governmental and technological factors could affect our ability to achieve our goals, and interested persons are urged to review the risk factors discussed in “Item 1A. Risk Factors” as set forth herein, as well as in our other public disclosures and filings with the Securities and Exchange Commission ("SEC").

This MD&A is provided as a supplement to the consolidated financial statements and notes thereto included elsewhere in this Annual Report on Form 10-K ("Report") in order to enhance your understanding of our results of operations and financial condition and should be read in conjunction with, and is qualified in its entirety by, the consolidated financial statements and related notes thereto included elsewhere in this Report. Historical results of operations, percentage margin fluctuations and any trends that may be inferred from the discussion below are not necessarily indicative of the operating results for any future period. For information regarding the year ended March 31, 2019, including a year-to-year comparison of our financial condition and results of operations for the years ended March 31, 2020 and March 31, 2019, refer to Item 7, "Management's Discussion and Analysis of Financial Condition and Results of Operations" of our Annual Report on Form 10-K for the year ended March 31, 2020, filed with the SEC on June 1, 2020.

Company Overview

NextGen Healthcare is a leading provider of software and services that empower ambulatory healthcare practices to manage the risk and complexity of delivering care in the rapidly evolving U.S. healthcare system. Our combination of technological breadth, depth and domain expertise makes us a preferred solution provider and trusted advisor for our clients. In addition to highly configurable core clinical and financial capabilities, our portfolio includes tightly integrated solutions that deliver on ambulatory healthcare imperatives including: population health, care management, patient outreach, telemedicine, and nationwide clinical information exchange.

We serve clients across all 50 states. Over 100,000 providers use NextGen Healthcare solutions to deliver care in nearly every medical specialty in a wide variety of practice models including accountable care organizations (“ACOs”), independent physician associations (“IPAs”), managed service organizations (“MSOs”), Veterans Service Organizations (“VSOs”), and Dental Service Organizations (“DSOs”). Our clients include some of the largest and most progressive multi-specialty groups in the country. With the addition of behavioral health to our medical and oral health capabilities, we continue to extend our share not only in Federally Qualified Health Centers (“FQHCs”), but also in the growing integrated care market.

NextGen Healthcare has historically enhanced our offering through both organic and inorganic activities. In October 2015, we divested our former Hospital Solutions division to focus exclusively on the ambulatory marketplace. In January 2016, we acquired HealthFusion Holdings, Inc. and its cloud-based electronic health record and practice management solution. In April 2017, we acquired Entrada, Inc. and its cloud-based, mobile platform for clinical documentation and collaboration. In August 2017, we acquired EagleDream Health, Inc. and its cloud-based population health analytics solution. In January 2018, we acquired Inforth Technologies for its specialty-focused clinical content. In October 2019, we acquired Topaz Information Systems, LLC (“Topaz”) for its behavioral health solutions. In December 2019, we acquired Medfusion, Inc. (“Medfusion”) for its Patient Experience Platform (i.e., patient portal, self-scheduling, and patient pay) capabilities and OTTO Health, LLC (“OTTO”) for its integrated virtual care solutions, notably telemedicine. The integration of these acquired technologies has made NextGen Healthcare’s solutions among the most comprehensive in the market.

Our company was incorporated in California in 1974. Previously named Quality Systems, Inc., we changed our corporate name to NextGen Healthcare, Inc. in September 2018. Our principal executive offices are located at 3525 Piedmont Rd., NE, Building 6, Suite 700, Atlanta, Georgia, and our principal website is www.nextgen.com. We operate on a fiscal year ending on March 31.

31

Table of Contents

Industry and Regulatory Background, Market Opportunity, and Trends

Over the last decade, the ambulatory healthcare market has experienced significant regulatory change, which has driven the need for improved technology to enable practice transformation. Recognizing it was imperative to digitize the U.S. health system to stem the escalating cost of healthcare and improve the quality of care being delivered, Congress enacted the Health Information Technology for Economic and Clinical Health Act in 2009 (“HITECH Act”). The legislation stimulated healthcare organizations to not only adopt electronic health records, but to use them to collect discrete data that could be used to drive quality care. This standardization supported early pay-for-reporting and pay-for-performance programs.

In 2010, the Affordable Care Act (“ACA”) established the roadmap for shifting American healthcare from volume (fee-for-service) to a value-based care (“VBC”) system that rewards improved outcomes at lower costs (fee-for-value). This was followed by the Medicare Access and CHIP Reauthorization Act of 2015 (“MACRA”), bipartisan legislation that further changed the way Medicare rewards clinicians for value vs. volume. Initially focused on government-funded care, the domain of the Centers for Medicare & Medicaid Services (“CMS”), these programs are now firmly established on the commercial insurance side of the industry as well.

Importantly, the introduction of VBC programs was only an element of the broader approach to reducing healthcare expenditure. The drive to reduce costs initially led to consolidation in the healthcare system that was followed by a significant shift of care from the inpatient to lower cost outpatient setting. Among other factors, consumerism is set to play a major role in driving volume increases outside of the hospital. In addition, providers continue to seek new tools and means to connect with patients in new ways. Patients are expecting care to be personalized and tailored to their preferences and are seeking much greater transparency about the costs for visits, medications, and procedures as well as improved convenience and access to care. Along with the continued expansion of telehealth, there will be growth in technologies which facilitate the digital connection between patient and provider.

The need to sustain revenue has made it extremely important for practices to secure their patient market share, elevating patient loyalty to a significant determinant of provider success. In addition to being loyal, groups participating in value-based contracts realized that patients also needed to be engaged in their care and interested in improving their own health. The need to attract, retain and engage patients has made patient experience one of the most important aspects of evolving care delivery in the United States. Capturing patient market share and thriving in a market driven by VBC requires both an integrated platform and a full view of the patient population’s clinical and cost data, neither of which could be accomplished without new technologies to collect and analyze multi-sourced patient data. Effectively implemented, these new technologies allow organizations to enhance financial viability while exercising the freedom to join, affiliate, integrate or interoperate in ways that maximize strategic control.

Although the HITECH Act led to the meaningful adoption of electronic health records, many in the healthcare industry were dissatisfied with the level of exchange of health information between different providers and across different software platforms. With the passing of the MACRA law in 2015, the U.S. Congress declared it a national objective to achieve widespread exchange of health information through interoperable certified electronic health records (“EHR") technology. Then, in December 2016, the 21st Century Cures Act (“Cures Act”) was passed and signed into law. Among many other policies, the law includes numerous provisions intended to encourage nationwide interoperability.

In March 2020, the HHS Office of the National Coordinator for Health Information Technology (“ONC”) released a final regulation which implements the key interoperability provisions included in the Cures Act. The rule calls on developers of certified EHRs to adopt standardized application programming interfaces (“APIs”) and to meet a list of other new certification and maintenance of certification requirements in order to retain approved federal government certification status.

The ONC rule also implements the information blocking provisions of the Cures Act, including identifying reasonable and necessary activities that do not constitute information blocking. Under the Cures Act, HHS has the regulatory authority to investigate and assess civil monetary penalties of up to $1,000,000 against certified HIT developers found to be in violation of “information blocking.”

The new regulations will require significant compliance efforts for healthcare providers, information networks, exchanges, and HIT companies. However, the Cures Act also creates opportunities for improving care delivery and outcomes through increased data exchange between providers and easier patient access to their own health information. Key to unlocking these benefits is the introduction of new Fast Healthcare Interoperability Resources (“FHIR”) standards, which ONC requires certified HIT companies to adopt through APIs. Meanwhile, CMS is requiring hospitals to provide electronic admission, discharge and transfer notification to other healthcare facilities, providers and designated care team members.

Refer also to the discussion of regulatory risks within “Item 1A. Risk Factors” for governmental regulations and policies that may affect our business.

Through the expansion of our NextGen® Share interoperability services platform and API partner marketplace, we will address the increased demand for moving and sharing patient data from the EHR easily, quickly and securely. Interoperability improves patient experience and care coordination, enhances patient safety, and reduces costs. We are also expanding resources such as educational webinars, blogs and videos on interoperability to help educate and support healthcare providers.

32

Table of Contents

In recent years, there has been incremental investment to improve the delivery of behavioral healthcare. One of the central drivers of this investment has been the opioid epidemic which claims more than 80,000 lives a year in the United States. The integrated care model prevalent in FQHCs, a model which calls for integration of behavioral health and primary care in single care settings, has also gained momentum. Both behavioral health and the integrated care workflows require broad, purpose built, tailored HIT capabilities, many of which are supported by the NextGen Healthcare platform. As a result of the COVID-19 pandemic, ambulatory practices have come to appreciate the importance of business continuity, particularly in administrative business functions which are non-core to medical care and may turn to NextGen Healthcare more often for managed services.

COVID-19 Pandemic

In late 2019, the emergence of a novel coronavirus, or COVID-19, was reported and in January 2020, the World Health Organization (“WHO”), declared it a Public Health Emergency of International Concern. In March 2020, the WHO escalated COVID-19 as a pandemic. We proactively responded to the pandemic by creating an executive task force to monitor the COVID-19 situation daily and immediately restricted non-essential travel and migrated to a fully remote workforce while maintaining complete operational effectiveness.

The need to access care while still social distancing was addressed early on with the limited use of telemedicine (also known as virtual visits) and was energized when the federal government reduced regulatory barriers and addressed payment parity between virtual and in-person visits. With these tailwinds, telemedicine quickly became regarded as a safer way for patients and providers to engage each other while also relieving economic pressure on the medical practice. We believe that the uptake of telemedicine will transcend COVID-19 and that virtual visits will become a permanent and important change in the way care is delivered. Keeping patients out of the transit system, out of the waiting room and away from other sick patients is simply good medicine.

Since the mid-March 2020 timing of government orders to shelter in place and restrict non-essential medical services, the COVID-19 pandemic caused declines in patient volume. This negatively impacted our revenue in the fourth quarter of fiscal 2020, most notably for purchases of software and hardware. The impact of the disruption also impacted the first half of fiscal 2021, primarily in managed services and EDI, which are volume driven. During this challenging and uncertain period, we made some important decisions, including cost reduction activities with a primary goal of preserving cash and protecting the employee base. Most of these cost reductions were temporary as we believed that preserving our employee base, organizational momentum, and robust capabilities was the right decision for the Company and our shareholders. As the impact of the pandemic and related restrictive measures began to subside in the second half of fiscal 2021, patient volume has returned to close to pre-pandemic levels, and thus revenue returned to more normal levels. At present, we are conducting business as usual with certain modifications to employee travel, employee work locations, and marketing events, among other modifications. We continue to monitor the broader implications of the global COVID-19 pandemic and may take further actions that we determine are in the best interests of our employees, customers, partners, suppliers, and shareholders.

We assessed certain accounting matters that generally require consideration of forecasted financial information in context with the information reasonably available to the Company and the unknown future impacts of COVID-19 at March 31, 2021 and through the date of this Report. The accounting matters assessed included, but were not limited to, our allowances for doubtful accounts and the carrying value of goodwill and other long-lived assets. While there was not a material impact to our consolidated financial statements at and for the year ended March 31, 2021, our future assessment of the magnitude and duration of COVID-19, as well as other factors could result in material impacts to our consolidated financial statements in future reporting periods.

Our Strategy

We empower the transformation of ambulatory care by delivering solutions that enable groups to be successful under all models of care, including emerging value-based care models that include down-side risk. We primarily serve organizations that provide care in an ambulatory setting and do so across diverse practice sizes, specialties, and business models.  Furthermore, we support the advances in integrated care that focuses on the whole person. Our platform is uniquely positioned to successfully enable our clients to expand access to care, enhance the coordination and management of care, and optimize patient outcomes through an integrated medical record that extends across their medical, mental, and oral health and care needs.

Effective and frictionless interoperability is essential to all models of care. Our experience powering many of the nation’s Health Information Exchanges (“HIE’s”) places us in a unique position to enable our clients to leverage this technology to lower the cost of care and improve the patient and provider experience by providing an integrated community patient record.

Patient experience is directly correlated to patient engagement and an engaged patient is a key to positive outcomes. Today’s patient is also an active consumer of their healthcare, each searching for the best experience. Our platform enables our clients to create a personalized care experience that enhances trust and drives patient loyalty.

33

Table of Contents

Our longstanding success in the ambulatory market has enabled us to build significant expertise across many relevant disciples that are clients actively request. We partner with our clients to operate and optimize their IT systems and operations, enhance revenue cycle processes, service line expansion and operations, as well as advise on long-term strategy.

As one of the leading healthcare information technology players in the U.S. ambulatory marketplace, we plan to continue investing in our current capabilities as well as building and/or acquiring new capabilities as we guide our clients through the market’s transformation. We expect to continue to empower the transformation of care through the following strategic priorities:

Results of Operations

The following table sets forth the percentage of revenue represented by each item in our consolidated statements of net income and comprehensive income for the years ended March 31, 2021 and 2020 (certain percentages below may not sum due to rounding):

34

Table of Contents

Revenues

The following table presents our consolidated revenues for the years ended March 31, 2021 and 2020 (in thousands):

We generate revenue from sales of licensing rights and subscriptions to our software solutions, hardware and third-party software products, support and maintenance, managed services, electronic data interchange (“EDI”) and data services, and other non-recurring services, including implementation, training, and consulting services performed for clients who use our products.

Consolidated revenue for the year ended March 31, 2021 increased $16.6 million compared to the prior year due to a $13.5 million increase in recurring revenues and a $3.1 million increase in software, hardware and other non-recurring revenues. The increase in recurring revenues was primarily due to $20.8 million higher subscription services driven by incremental revenue from our patient experience and virtual visits platforms acquired from Medfusion and OTTO, combined with growth in subscriptions associated with our population health and analytics, mobile, connected health, core NextGen, and NextGen Office cloud-based solutions. The increase in recurring revenues from the higher subscription services was partially offset by $5.7 million lower support and maintenance revenue from client attrition and our transition to a subscription-based revenue model. Managed services revenue declined $1.4 million related to declines in cash and collections and revenue cycle management (“RCM”) bookings that were largely impacted by the COVID-19 pandemic and client attrition, partially offset by higher managed cloud services revenues and incremental patient pay services revenue acquired from Medfusion. Total software, hardware, and other non-recurring revenues increased primarily due to $1.6 million higher software license and hardware sales from increased bookings and $1.5 million increase in other non-recurring services related to the completion of professional services projects.

Bookings reflect the estimated annual value of our executed contracts, adjusted to include the effect of pre-acquisition bookings, and are believed to provide a broad indicator of the general direction and progress of the business. Total bookings were $129.4 million for the year ended March 31, 2021 compared to $130.9 million in the prior year, primarily reflecting a decline in RCM bookings, as noted above, partially offset by higher bookings of subscriptions associated with our patient experience and virtual visits platforms.

Cost of Revenue and Gross Profit

The following table presents our consolidated cost of revenue and gross profit for the years ended March 31, 2021 and 2020 (in thousands):

35

Table of Contents

Cost of revenue consists primarily of compensation expense, including share-based compensation, for personnel that deliver our products and services. Cost of revenue also includes amortization of capitalized software costs and acquired technology, third party consultant and outsourcing costs, costs associated with our EDI business partners and clearinghouses, hosting service costs, third party software costs and royalties, and other costs directly associated with delivering our products and services. Refer to Note 9, "Intangible Assets" and Note 10, "Capitalized Software Costs" of our notes to consolidated financial statements included elsewhere in this Report for additional information on current period amortization of capitalized software costs and acquired technology and an estimate of future expected amortization.

Share-based compensation expense included in cost of revenue was $2.0 million and $2.1 million for the years ended March 31, 2021 and 2020, respectively.

Gross profit for the year ended March 31, 2021 increased $8.6 million compared to the prior year while our gross margin percentage remained consistent at 50.5% for the year ended March 31, 2021 compared to the prior year period. The increase in gross profit was primarily due to higher revenues as discussed above, partially offset by an increase in cost of revenue associated with the higher revenues and higher amortization of previously capitalized software development costs.

Selling, General and Administrative Expense

The following table presents our consolidated selling, general and administrative expense for the years ended March 31, 2021 and 2020 (in thousands):

Selling, general and administrative expenses consist of compensation expense, including share-based compensation, for management and administrative personnel, selling and marketing expense, facilities costs, depreciation, professional service fees, including legal, consulting, and accounting services, acquisition and transaction-related costs, and other general corporate and administrative expenses.

Share-based compensation expense included in selling, general and administrative expenses was $16.7 million and $13.8 million for the years ended March 31, 2021 and 2020, respectively. The increase in share-based compensation expense is due to increased utilization of share-based awards to incentivize our executives and employees. Refer to Note 15, "Share-Based Awards" of our notes to consolidated financial statements included elsewhere in this Report for additional information on equity award grants.

Selling, general and administrative expenses increased $15.4 million for the year ended March 31, 2021 compared to the prior year primarily due to increased share-based compensation expense, as noted above, higher legal fees associated with our ongoing shareholder litigation matter and increases in discretionary and annual bonus expenses, partially offset by lower travel and conferences spend associated with the COVID-19 pandemic, lower acquisition costs, and lower facilities and infrastructure costs.

Research and Development Costs, net

The following table presents our consolidated net research and development costs, capitalized software costs, and gross expenditures prior to capitalization, for the years ended March 31, 2021 and 2020 (in thousands):

Gross research and development expenditures consist of compensation expense, including share-based compensation for research and development personnel, certain third-party consultant fees, software maintenance costs, and other costs related to new product development and enhancement to our existing products.

36

Table of Contents

The healthcare information systems and services industry is characterized by rapid technological change, requiring us to engage in continuing investments in our research and development to update, enhance and improve our systems. This includes expansion of our software and service offerings that support pay-for-performance initiatives around accountable care organizations, bringing greater ease of use and intuitiveness to our software products, enhancing our managed cloud and hosting services to lower our clients' total cost of ownership, expanding our interoperability and enterprise analytics capabilities, and furthering development and enhancements of our portfolio of specialty-focused templates within our electronic health records software.

The capitalization of software development costs results in a reduction to our reported net research and development costs. Our software capitalization rate, or capitalized software costs as a percentage of gross expenditures, has varied historically and may continue to vary based on the nature and status of specific projects and initiatives in progress. Although changes in software capitalization rates have no impact on our overall cash flows, it results in fluctuations in the amount of software development costs being expensed up front and the amount of net research and development costs reported in our consolidated statement of net income and comprehensive income.

Share-based compensation expense included in research and development costs was $4.0 million and $3.9 million for the years ended March 31, 2021 and 2020, respectively.

Net research and development costs for the year ended March 31, 2021 decreased $7.8 million compared to the prior year due to $5.2 million higher capitalization of software costs and a $2.6 million decrease in our gross expenditures. Our software capitalization rate fluctuates due to differences in the nature and status of our projects and initiatives during a given year, which affects the amount of development costs that may be capitalized and ultimately also affects the future amortization of our previously capitalized software development costs. The decrease in gross expenditures was primarily driven by lower salaries and benefits associated with lower headcount, lower infrastructure costs, and lower travel costs associated with the COVID-19 pandemic, partially offset by higher consulting costs.

Amortization of Acquired Intangible Assets

The following table presents our amortization of acquired intangible assets for the years ended March 31, 2021 and 2020 (in thousands):

Amortization of acquired intangible assets included in operating expenses consist of the amortization related to our customer relationships and trade names intangible assets acquired as part of our business combinations. Refer to Note 9, "Intangible Assets" of our notes to consolidated financial statements included elsewhere in this Report for an estimate of future expected amortization.

Amortization of acquired intangible assets for the year ended March 31, 2021 increased $0.3 million, compared to the prior year period due to additional amortization of the customer relationships and trade names intangible assets acquired from Medfusion.

Restructuring Costs and Impairment of Assets

Restructuring costs for the years ended March 31, 2021 and 2020 were $2.6 million and $2.5 million, respectively, related to the business restructuring plans described in further detail below.  

In May 2020, we announced a decision to execute a reduction in our workforce of less than 3% as well as other temporary cost reductions in response to the COVID-19 pandemic. We recorded $2.6 million of restructuring costs, consisting of payroll-related costs, such as severance, outplacement costs, and continuing healthcare coverage, associated with the involuntary separation of employees pursuant to a one-time benefit arrangement, for the year ended March 31, 2021 within operating expenses in our consolidated statements of net income and comprehensive income. These amounts were accrued when it was probable that the benefits would be paid, and the amounts were reasonably estimable. The payroll-related costs were substantially paid as of March 31, 2021.

In June 2019, we implemented a business restructuring plan as part of our continued efforts to preserve and grow the value of the Company through client-focused innovations while reducing our cost structure. As part of the restructuring, we reduced our total workforce by approximately 4% primarily within the research and development function and intend to expand on our research and development resources in India. We recorded $2.5 million of restructuring costs in the year ended March 31, 2020 within operating expenses in our consolidated statements of comprehensive income. The restructuring costs consisted primarily of payroll-related costs, such as severance, outplacement costs, and continuing healthcare coverage, associated with the involuntary separation of employees pursuant to a one-time benefit arrangement.

Impairment of assets for the years ended March 31, 2021 and 2020 were $5.5 million and $12.6 million, respectively, related to the impairments described in further detail below.  

37

Table of Contents

During the year ended March 31, 2021, as part of our response to the COVID-19 pandemic and ongoing cost reduction efforts, we vacated our Cary office, portions of our Irvine and Horsham offices, and the remainder of our San Diego office. We recorded impairments of $5.5 million to our operating right-of-use assets and certain related fixed assets associated with the vacated locations based on projected sublease rental income and estimated sublease commencement dates and the remeasurement of our operating lease liabilities associated with the modification of certain lease expiration dates. The impairment analyses were performed by operating right-of-use asset and the impairment charges were estimated by comparing the fair value of each operating right-of-use asset based on the expected cash flows to its respective book value. We determined the discount rate for each lease based on the approximate interest rate on a collateralized basis with similar remaining terms and payments as of the impairment date. Significant judgment was required to estimate the fair value of each operating right-of-use asset and actual results could vary from the estimates, resulting in potential future adjustments to amounts previously recorded.

During the year ended March 31, 2020, we recorded impairments of $9.4 million to our operating right-of-use assets and certain related fixed assets associated with the vacated locations, or portions thereof, in North Canton, San Diego, Horsham, St. Louis, Irvine, Atlanta, Brentwood, and Phoenix, in connection with our restructuring plans, based on projected sublease rental income and estimated sublease commencement dates.

During the year ended March 31, 2020, we also recorded $3.2 million of impairments related to the write down of previously capitalized software development costs for certain technology that will no longer be utilized in any future software solutions.

Interest Expense

The following table presents our interest expense for the years ended March 31, 2021 and 2020 (in thousands):

Interest expense relates to our revolving credit agreement and the related amortization of deferred debt issuance costs. Refer to Note 11, “Line of Credit” of our notes to consolidated financial statements included elsewhere in this Report for additional information.

Interest expense for the year ended March 31, 2021 increased $1.6 million compared to the prior year. The changes in interest expense is primarily caused by fluctuations in outstanding balances under our revolving credit agreement and the related amortization of debt issuance costs. As of March 31, 2021, we had no outstanding loans under the revolving credit agreement, compared to an outstanding balance of $129.0 million as of March 31, 2020.

Other income for the year ended March 31, 2021 decreased $0.9 million compared to the prior year, which was primarily associated with fluctuations in the India foreign exchange rates.

Benefit of Income Taxes

The following table presents our benefit of income taxes for the years ended March 31, 2021 and 2020 (in thousands):

The change in the effective tax rate for the year ended March 31, 2021 compared to the prior year was driven primarily by lower net benefits from certain return to provision adjustments and a decrease of research and development credits, decrease of certain nondeductible expenses and release of uncertain tax position reserves on prior year tax settlements, partially offset by an increase in current year valuation allowance expense related to certain deferred taxes and increase of net nondeductible compensation related expenses.

The CARES Act and the Consolidated Appropriations Act, 2021 (“Stimulus Bill”), signed into law on March 27, 2020 and December 27, 2020, respectively, have resulted in significant changes to the U.S. federal corporate tax law. Additionally, several state and foreign jurisdictions have enacted additional legislation and or comply with federal changes. We have considered the applicable tax law changes and recognized the impact in our income tax provision, as applicable.

38

Table of Contents

Net Income

The following table presents our net income (in thousands) and net income per share and for the years ended March 31, 2021 and 2020:

As a result of the foregoing changes in revenue and expense, net income for the fiscal year ended March 31, 2021 increased $2.0 million compared to the prior year period.

Liquidity and Capital Resources

The following table presents selected financial statistics and information for the years ended March 31, 2021 and 2020 (in thousands):

We had no outstanding borrowings under our revolving credit agreement as of March 31, 2021 compared to $129.0 million as of March 31, 2020.

Our principal sources of liquidity are our cash generated from operations, driven mostly by our net income and working capital management, our cash and cash equivalents, and our revolving credit agreement.

We believe that our cash and cash equivalents on hand at March 31, 2021, together with our cash flows from operating activities and liquidity provided by our revolving credit agreement, will be sufficient to meet our working capital and capital expenditure requirements for the next twelve months. During the challenging and uncertain period brought on by the initial phases of the COVID-19 pandemic, we made some important decisions, including cost reduction activities with a primary goal of preserving cash and protecting the employee base. Most of these cost reductions were temporary as we believed that preserving our employee base, organizational momentum, and robust capabilities was the right decision for our Company and our shareholders. We had proactively strengthened our cash position by increasing the outstanding borrowings under our revolving credit agreement, which was subsequently repaid based on the reassessment of our short-term cash flow and working capital requirements, such that we have no outstanding borrowings under our revolving credit agreement as of March 31, 2021. At present, we are conducting business as usual with certain modifications to employee travel, employee work locations, and marketing events, among other modifications. However, the extent to which COVID-19 may continue to impact our business, financial results, cash flows, and liquidity requirements depends on numerous evolving factors including, but not limited to, the magnitude and duration of COVID-19; the impact on our employees; the extent to which it impacts worldwide macroeconomic conditions, including interest rates, employment rates, and health insurance coverage; the speed of the recovery; and governmental and business reactions to the pandemic. We will continue to assess the potential effects of the COVID-19 pandemic on our business and actively manage our response accordingly.

Cash and Cash Equivalents

As of March 31, 2021, our cash and cash equivalents balance of $73.3 million compared to $138.0 million as of March 31, 2020.

We may continue to use a portion of our funds as well as available financing from our revolving credit agreement for future acquisitions or other similar business activities, although the specific timing and amount of funds to be used is not currently determinable. We intend to expend some of our available funds for the development of products complementary to our existing product line as well as new versions of certain of our products. These developments are intended to take advantage of more powerful technologies and to increase the integration of our products.

39

Table of Contents

Our investment policy is determined by our Board of Directors. Excess cash, if any, may be invested in very liquid short term assets including tax exempt and taxable money market funds, certificates of deposit and short term municipal bonds with average maturities of 365 days or less at the time of purchase. Our Board of Directors continues to review alternate uses for our cash including an expansion of our investment policy and other items. Any or all of these programs could significantly impact our investment income in future periods.

Cash Flows from Operating Activities

The following table summarizes our consolidated statements of cash flows for the years ended March 31, 2021 and 2020 (in thousands):