The AI opportunity in healthcare isn't in the chart. It's in prior authorization.

Every healthcare AI demo wants to show you the chart. Ambient scribes that listen to the visit and write the note. Models that read the imaging. Copilots that summarize the record. It’s impressive, it’s clinical, and it’s the wrong place to start if you’re an operator trying to get paid faster and stop burning staff on busywork.

The most expensive bottleneck in a provider organization isn’t the diagnosis. It’s prior authorization — and prior authorization automation is a process problem wearing an AI costume.

The admin layer is where the money is stuck

Walk the actual path of a prior-auth request. A clinician orders something. Someone on staff figures out whether this payer, on this plan, for this code, requires authorization — a rule that lives in a PDF on a portal that changed last Tuesday without telling anyone. They assemble the clinical justification, often by copying it out of the EHR by hand. They submit it through a payer portal or, in 2026, still by fax. Then they wait. Then they call to check status, because there is no shared system of record between the provider and the payer. Then a denial comes back for a reason that was knowable at submission time, and the loop restarts.

None of that is a clinical problem. Every slow step is an integration that nobody owns and a data contract that was never written. The information needed to make the decision exists — it’s just trapped in fax queues, payer PDFs, and email threads, in formats no system can act on. The seam between provider and payer was the problem long before anyone proposed dropping an agent on top of it.

This is the pattern I see in every “we need AI” conversation: the model is rarely the bottleneck. The workflow around it is.

Why teams reach for the model anyway

Because the model is the fun part. Spinning up an LLM that drafts a clinical justification feels like progress. But an agent that drafts beautiful justifications on top of a process where requirements are unknown, state is untracked, and denials aren’t fed back in is just a faster way to generate rework.

Here’s the uncomfortable version: an agent acting on 20% of the picture isn’t automation — it’s a faster way to be wrong. In prior auth, that 20% is the structured fields you already have in the EHR. The other 80% — the payer’s current rule set, the plan-specific exceptions, the documentation history, the denial reasons — is unstructured, undocumented, and changing. Point a model at the 20% and you’ll get confident submissions that get denied on the 80% you didn’t model.

What the working system actually looks like

Fixing prior authorization is unglamorous, and that’s exactly why it works. The order of operations matters.

1. Make the process legible. Map every payer, plan, and code combination that requires authorization, where that requirement is published, and how often it changes. Most organizations have never written this down. You can’t automate a process no one can see.

2. Build the data contract. Define the structured shape of a “prior-auth request” — the fields, the documentation requirements, the status states — and make the EHR populate it instead of a human re-keying it. This is the integration work nobody wants and everybody needs.

3. Normalize the inputs. Payer PDFs and faxes get parsed into that structured shape on arrival. This is where AI earns its place — extraction and classification across messy documents is genuinely hard, and a model is good at it. But notice it’s step three, sitting on top of a defined contract, not step one.

4. Track state in one place. Every request has a single record of truth: submitted, pending, additional-info-requested, approved, denied-and-why. The phone calls to “check status” disappear because the status is already known.

5. Feed denials back in. A denial reason is training data for the front of the pipeline. If a payer denies for missing documentation, the system should refuse to submit the next one without it. This loop is what separates automation from a faster fax machine.

The AI does real work here — reading documents, drafting justifications, flagging likely denials before submission. But it’s the last step, on top of four steps of process and integration work. That’s the whole method: fix the seams and the data contracts first, then let AI do the small last thing well.

ROI is the step you delete, not the person

The wrong way to pitch this internally is headcount. “Replace the prior-auth team” is both unrealistic and the reason these projects stall — nobody on the inside wants to hand you the rope.

The right frame: ROI shows up when AI removes a step, not when it removes a name from payroll. Count the steps you deleted. The manual re-keying: gone. The status phone calls: gone. The resubmissions for knowable denials: cut. The turnaround time per request: down by days. Your clinical staff stops doing work software should be doing and goes back to clinical work. That’s the number that survives a CFO’s scrutiny, and it doesn’t require anyone to lose a job.

The operator read

Healthcare’s real AI opportunity in the next few years won’t be won in the exam room. It’ll be won in the back office, where the documents pile up and the days tick by — and it’ll be won by whoever is willing to do the boring foundational work first.

The chart is where the attention is. Prior authorization is where the leverage is. If your “AI strategy” hasn’t looked at the admin layer yet, you’re optimizing the part that already works.

If you’re staring at a prior-auth backlog and wondering whether AI is the answer, tell me what’s broken. Sometimes it is. Often the fix underneath it is the thing that actually pays.