Back to work

AI Full-Stack

AuthLens - Prior Authorisation Evidence Copilot

AuthLens is a full-stack AI workflow platform that helps healthcare teams prepare prior authorization and appeal packets from synthetic or de-identified PDFs. It turns payer policies, denial letters, and patient-supporting documents into structured criteria, evidence matches, readiness reports, citation-checked drafts, audit logs, and exportable review packets.

auth-lens-main

Overview

AuthLens is a case-based prior authorisation evidence workspace built to move beyond a generic “chat with a medical PDF” demo. The platform focuses on a real administrative healthcare workflow: preparing documentation for prior authorisation and appeal review. A user creates an organisation-scoped case, uploads typed PDFs such as payer policies, patient notes, imaging reports, lab results, medication history, referral letters, or denial letters, and then runs a structured workflow. AuthLens extracts payer criteria, maps patient-document evidence against each criterion, identifies missing or unclear documentation, generates a readiness report, drafts a prior authorisation or appeal letter, verifies citations, and requires human approval before a packet is considered complete. The system is deliberately framed as documentation support, not clinical decision-making. It does not diagnose, recommend treatment, guarantee payer approval, or replace clinician review. Readiness scores represent documentation completeness only. The app is intended for synthetic or de-identified demos rather than real PHI. Technically, the backend is a FastAPI service with SQLAlchemy/Alembic persistence and Postgres-compatible deployment. The database is the source of truth for organisations, users, cases, documents, chunks, analysis runs, criteria, evidence matches, readiness reports, drafts, citation checks, exports, and audit events. Pinecone is used as retrieval infrastructure for indexed document chunks, with Gemini embeddings producing 768-dimensional vectors. The frontend is a Next.js workspace that keeps backend calls behind server-side route handlers rather than exposing backend service URLs directly to the browser. AI is used through a structured Groq gateway. Deterministic analysis remains the default for predictable tests and demos, while PRIORAUTH_ANALYSIS_MODE=llm enables controlled structured-output experiments. In LLM mode, AuthLens wraps document text as untrusted input, asks Groq for JSON-schema output, validates the result with Pydantic, stores completed or failed analysis runs, and fails closed without leaking raw model output or provider errors. The final product includes account registration and login, JWT authentication, role-based access control, organisation isolation, typed document upload, criteria extraction, evidence matching, readiness scoring, appeal workflow support, citation verification, draft approval gates, markdown exports, audit trails, synthetic evals, dependency-audit gates, deployment smoke scripts, and production reset delivery through SMTP or external webhook handoff.

Problem

Prior authorisation is a high-friction healthcare workflow. Clinic teams often need to read long payer policies, identify required documentation, inspect patient records for matching evidence, prepare prior authorisation or appeal letters, and prove that every claim is supported by source documents. A basic medical PDF chatbot can answer questions, but it does not produce a reviewable packet, track case state, enforce citations, or support human approval. AuthLens addresses that gap by turning retrieval-augmented document processing into a structured operational workflow. Instead of asking an open-ended question against a PDF pool, the user progresses through case creation, typed document ingestion, criteria extraction, evidence matching, readiness reporting, draft generation, citation verification, approval, and export.

Role

I designed and implemented the product direction, backend architecture, AI workflow, security model, frontend workspace, deployment configuration, and verification strategy. My work included evolving the app from an original PDF Q&A backend into a case-based PriorAuth Evidence Copilot; building FastAPI routes and service layers for cases, documents, criteria, evidence, readiness reports, drafts, citation checks, exports, auth, and audit trails; creating the Next.js reviewer workspace; integrating Pinecone vector indexing, Gemini embeddings, and Groq structured output; adding SQLAlchemy models and Alembic migrations; hardening auth/session/reset flows; writing backend, frontend, e2e, synthetic-eval, and deployment-config tests; and documenting deployment on Render/Vercel with CircleCI checks.

Constraints

The main constraint was safety. The app had to avoid presenting itself as a medical advice system, avoid guaranteeing payer approval, and keep a human reviewer in control. That shaped the workflow: readiness is documentation completeness only, drafts include clinician-review disclaimers, citation checks must pass before approval, and synthetic/de-identified data is required for demos. The second constraint was isolation and auditability. Prior authorisation workflows involve sensitive documents, so the backend enforces organisation-scoped case access, role-based permissions, cross-tenant direct-ID protections, internal backend token controls, audit events, and production config checks. The third constraint was reliable AI usage. Free-form LLM text would be too risky for this domain, so the structured LLM path uses schema-constrained Groq output, Pydantic validation, citation grounding, redacted failure metadata, and deterministic fallback behavior. The offline eval suite is designed not to call live LLM providers. The fourth constraint was deployment realism. The project needed to support a split deployment model: Next.js client on Vercel, FastAPI backend on Render, managed Postgres in production, Pinecone for vectors, CircleCI for verification, and smoke checks for post-deploy binding.

Result

AuthLens now functions as a full-stack AI healthcare workflow demo rather than a simple PDF chatbot. Implemented outcomes include: -Organisation-scoped prior-auth and appeal cases. -Typed PDF upload for payer policies, denial letters, and patient-supporting documents. -PDF parsing, page/chunk storage, checksums, vector IDs, and Pinecone indexing. -Criteria extraction from payer policy documents. -Evidence matching against patient documents only. -Readiness reports with missing/unclear documentation. -Prior-auth and appeal draft generation using verified evidence. -Denial-letter citation support for appeal cases. -Citation verification and unsupported-claim checks. -Human review and approval gates. -Markdown exports for readiness reports, letters, and packets. -Audit events for case changes, uploads, AI runs, reviewer edits, citation checks, approvals, exports, and downloads. -Self-service auth, reset-token invalidation, production reset delivery, RBAC, and organisation isolation. -12-case synthetic eval gate covering missing evidence, ambiguous policy language, contradictory evidence, appeal workflows, prompt injection, unsafe approval language, citation checks, and draft safety. -CI gates for backend tests, client tests, synthetic evals, dependency audits, migration checks, and deployment smoke wiring. The project demonstrates practical AI product engineering: not just calling an LLM, but wrapping it in workflow state, structured outputs, source grounding, reviewer controls, security boundaries, and repeatable verification.