For Providers & Health Systems

Your AI agent submits prior auths to payers. Make sure only the right ones leave.

Health systems are wiring AI agents into prior-authorization submission and follow-up to cut administrative cost. The moment the agent acts, a wrong, duplicated, or out-of-scope X12 278 stops being a draft and becomes a real transaction your revenue-cycle and compliance teams have to unwind. Strix evaluates each submission at the instant it runs, blocks the ones that veer, and records a signed, verifiable decision.

Answers the question: How do providers keep an AI prior-authorization agent from submitting the wrong request?

X12 278
Real PA transaction
Execution time
Evaluated when it runs
Single-use
Revocable approval tokens
Ed25519
Signed, verifiable evidence

What goes wrong when a submission agent runs unsupervised

These are the failure modes that show up the moment a prior-auth agent stops drafting and starts acting — each one a real transaction at the payer, a patient account, or an audit finding.

A retry or replay fires the same 278 twice — the duplicate triggers payer dedup and downstream recoupment review.

The agent posts an adjustment or write-off it was never asked to make — a financial action no one authorized.

An inbound note injects the wrong CPT; the agent submits the wrong procedure and it looks valid until the claim mismatches.

High-cost, high-risk submissions fire automatically instead of being held for a human to sign off.

Logs record the mistake after the fact — by then the wrong 278 is already at the payer.

What Strix does on every submission

Strix wraps the actions a prior-auth agent can take and re-evaluates each at the moment of execution against the intent that was actually approved.

CapabilityHow Strix delivers it
Block duplicatesApproval is single-use; a replayed 278 is blocked as REPLAY before it reaches the payer. Exactly one authorization goes out.
Block out-of-scope actionsA token to submit an auth does not authorize a write-off. The adjustment is blocked as UNAUTHORIZED — prior approvals do not transfer.
Block injected divergenceThe action that runs is compared to the action that was approved. An injected CPT diverges and is blocked as SCOPE_MISMATCH before it reaches the payer.
Hold high-risk for approvalHigh-cost submissions are routed for human approval via a single-use, time-bound token instead of auto-firing — held, not denied.
Signed evidence your team can verifyEvery governed action produces an Ed25519-signed record. Your compliance team verifies it against the public JWKS with an open-source tool.

Proof, not promises

Every claim Strix makes is backed by an artifact you can independently verify.

See it on a prior-auth agent

The interactive demo runs the same submission agent ungoverned vs. governed across all four failure modes, side by side. Synthetic patients and a mock payer only.

https://www.strixgov.com/solutions/healthcare-prior-authorization

JWKS endpoint

Public keys at the canonical RFC 7517 path. A reviewer resolves any record's key id here and checks the signature without contacting Strix.

https://www.strixgov.com/.well-known/strix-jwks.json

External verifier

The same command your compliance reviewer would run — open-source, standard primitives, zero Strix dependencies.

npx @strixgov/verifier@latest <evidenceId>

Frequently asked questions

Does this touch a live payer or clearinghouse?+

Not in the demo — it runs against synthetic patients and a mock payer, with no production target in the code. In production, Strix governs the action your own integration takes; it sits in front of your submission path, it does not replace your clearinghouse connection.

Where does patient and claim data live?+

In your environment. Strix governs the action — capability, actor, intent, context — and signs a record of the decision. The data the agent acts on stays in your systems, isolated per tenant at the database with row-level security.

What does 'evaluated at execution time' mean here?+

Each action is re-checked at the moment the agent tries to run it, against the intent approved for that specific action. A prior approval to submit one request does not authorize a second submission, a different procedure, or an unrelated write-off — which is why duplicates, injected codes, and out-of-scope actions are each caught.

Can we pilot on one workflow?+

Yes. We scope a pilot on a single prior-auth or revenue-cycle workflow you already run, set it up white-glove, and time-box it to a few weeks to answer one question: did it prevent a real mistake in your environment.

See the submission agent get stopped — on your workflow

We'll walk the four scenarios live, then hand you a signed record to verify on your own machine. 30 minutes.

Currently in private beta — limited spots available.

Try it in your terminal — no signup, no install persisted
$npx @strixgov/verifier@latest 5686
Verifies a real production record against the published Ed25519 key. Returns Status: VERIFIED in ~10 seconds.