How to Build a underwriting Agent Using CrewAI in Python for healthcare

A healthcare underwriting agent evaluates patient, provider, and policy data to decide whether a claim, application, or risk case should be approved, escalated, or rejected. In practice, that means reducing manual review time while keeping decisions explainable enough for compliance, audit, and clinical governance.

Architecture

For healthcare underwriting, I keep the agent small and opinionated. You do not want a single “smart” agent making free-form decisions over PHI.

• •

  Data intake layer

  • •Pulls structured inputs from EHR exports, claims files, eligibility systems, and policy rules.
  • •Normalizes fields like diagnosis codes, procedure codes, age bands, exclusions, and prior authorization flags.
• •

  Policy interpretation agent

  • •Reads underwriting guidelines and plan-specific rules.
  • •Flags hard stops such as excluded conditions, waiting periods, and coverage limits.
• •

  Risk assessment agent

  • •Scores the case using evidence from the input bundle.
  • •Produces a recommendation: approve, deny, or escalate for human review.
• •

  Compliance and audit agent

  • •Checks that the decision is traceable to source fields and policy language.
  • •Generates an audit trail for HIPAA-sensitive workflows.
• •

  Human escalation path

  • •Routes ambiguous or high-risk cases to an underwriter or clinical reviewer.
  • •Prevents over-automation on edge cases with incomplete data.

Implementation

1) Install CrewAI and define your data model

Use a strict schema for inputs. Healthcare workflows fail when you let raw text drift into decision logic.

from pydantic import BaseModel, Field
from typing import List, Optional

class UnderwritingCase(BaseModel):
    member_id: str
    age: int
    diagnosis_codes: List[str]
    procedure_codes: List[str]
    plan_name: str
    prior_auth_required: bool
    notes: Optional[str] = None

2) Create agents with narrow responsibilities

CrewAI’s Agent class should map to one job each. For healthcare underwriting, that means one agent interprets policy and another assesses risk.

from crewai import Agent

policy_agent = Agent(
    role="Healthcare Policy Analyst",
    goal="Interpret underwriting policy and identify coverage constraints.",
    backstory=(
        "You review healthcare plan documents and extract underwriting rules "
        "without inventing facts."
    ),
    verbose=True,
)

risk_agent = Agent(
    role="Underwriting Risk Analyst",
    goal="Assess whether the case should be approved, denied, or escalated.",
    backstory=(
        "You evaluate structured healthcare case data against policy findings "
        "and produce conservative recommendations."
    ),
    verbose=True,
)

audit_agent = Agent(
    role="Compliance Auditor",
    goal="Verify that every recommendation is explainable and auditable.",
    backstory=(
        "You check for traceability to source fields, policy references, "
        "and escalation triggers."
    ),
    verbose=True,
)

3) Define tasks with explicit outputs

Use Task objects to constrain what each step returns. In production underwriting systems, vague outputs become operational risk.

from crewai import Task

policy_task = Task(
    description=(
        "Review the healthcare underwriting rules for {plan_name}. "
        "Identify exclusions, waiting periods, prior authorization requirements, "
        "and any hard-stop conditions relevant to this case."
    ),
    expected_output="A concise list of applicable policy constraints with rationale.",
    agent=policy_agent,
)

risk_task = Task(
    description=(
        "Using the policy findings and this case payload: {case_json}, "
        "recommend approve, deny, or escalate. Explain which fields drove the decision."
    ),
    expected_output="A decision summary with recommendation and reason codes.",
    agent=risk_agent,
)

audit_task = Task(
    description=(
        "Audit the recommendation for traceability. Confirm that each decision point "
        "maps back to either a source field in the case or a policy constraint."
    ),
    expected_output="An audit note listing evidence used and any missing information.",
    agent=audit_agent,
)

4) Run the crew with a process and capture output

For simple sequential underwriting flows, Crew with Process.sequential is enough. The key is to pass serialized case data so every step sees the same source of truth.

import json
from crewai import Crew, Process

case = UnderwritingCase(
    member_id="M12345",
    age=54,
    diagnosis_codes=["E11.9", "I10"],
    procedure_codes=["99214"],
    plan_name="GoldPlus HMO",
    prior_auth_required=True,
)

crew = Crew(
    agents=[policy_agent, risk_agent, audit_agent],
    tasks=[policy_task, risk_task, audit_task],
    process=Process.sequential,
)

result = crew.kickoff(inputs={
    "plan_name": case.plan_name,
    "case_json": json.dumps(case.model_dump()),
})

print(result)

The pattern above gives you three things you need in healthcare:

• •A deterministic task order
• •A clear separation between interpretation, decisioning, and audit
• •A single output object you can store in your case management system

Production Considerations

• •

  Protect PHI end-to-end

  • •Do not send raw patient notes to external models unless your legal/compliance team has approved the vendor path.
  • •Redact identifiers where possible and encrypt data in transit and at rest.
• •

  Keep an immutable audit trail

  • •Store inputs, task outputs, timestamps, model version, prompt version, and final disposition.
  • •Underwriting decisions often need retrospective review by compliance or appeals teams.
• •

  Respect data residency

  • •If your org operates across regions, keep EU patient data in-region and separate from US workloads.
  • •This matters when your CrewAI execution layer calls tools or LLM endpoints outside approved boundaries.
• •

  Add human-in-the-loop thresholds

  • •Auto-approve only low-risk cases with complete data.
  • •Escalate missing diagnosis context, conflicting codes, or policy ambiguity to a licensed reviewer.

Common Pitfalls

• •

  Using one general-purpose agent for everything

  • •That creates sloppy reasoning and weak traceability.
  • •Split policy interpretation from risk scoring from compliance review.
• •

  Letting free-text notes drive decisions without structure

  • •Clinical notes are noisy and can contain irrelevant or protected details.
  • •Normalize key signals into fields like ICD codes, CPT codes, authorization flags, and eligibility status first.
• •

  Skipping audit metadata

  • •If you cannot explain why a case was denied six months later, you do not have an underwriting system.
  • •Persist task outputs alongside the exact input payload and model configuration used for the run.

Keep learning

• •The complete AI Agents Roadmap — my full 8-step breakdown
• •Free: The AI Agent Starter Kit — PDF checklist + starter code
• •Work with me — I build AI for banks and insurance companies

By Cyprian Aarons, AI Consultant at Topiax.